Aug 21, 2024 - 12:00 a.m.

ROS-20240821-02

2024-08-21 00:00:00
redos.red-soft.ru
Tags: linux, kernel, vulnerability, memory, disclosure, denial of service, resource handling, remote access, unprotected access, information protection, amd, cryptographic coprocessor, usb, file system, nfs, multipath protocol, i2c bus, hid device, alsa, sound subsystem

CVSS3: 7.8
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.4
Confidence: High

A vulnerability in the seg6_init() function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the __ip6_tnl_rcv() function in the net/ipv6/ip6_tunnel.c module of the IPv6 protocol implementation of the Linux kernel is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker to disclose protected information or cause a denial of service.

A vulnerability in the __sev_platform_shutdown_locked() function in the drivers/crypto/ccp/sev-dev.c module of the AMD cryptographic coprocessor driver of the Linux kernel is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the i2c_hid_of_probe() function in the drivers/hid/i2c-hid/i2c-hid-of.c module of the I2C bus HID device driver of the Linux kernel is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the mptcp_sk_clone_init() function in the net/mptcp/protocol.c module of the Multipath TCP (MPTCP) protocol implementation of the Linux kernel is related to repeated freeing of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the print_absolute_relocs() function in the arch/x86/tools/relocs.c module of the Linux kernel is related to information disclosure. Exploitation of the vulnerability could allow an attacker to gain access to protected information.

A vulnerability in the aoecmd_cfg_pkts() function in the aoe component of the Linux kernel is related to an incorrect update of the refcnt on struct net_device and the use of memory after release, which could cause a race condition between struct and skbtxq. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the run_spu_dma() function in the sound/sh/aica.c module of the sound subsystem (ALSA) of the Linux kernel is related to the use of memory after release due to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the check_for_locks() function in the fs/nfsd/nfs4state.c module of the NFS file system server of the Linux kernel is related to an incorrect serialization check. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

A vulnerability in the cdns3_gadget_giveback() function in the drivers/usb/cdns3/cdns3-gadget.c module of the Cadence USB driver of the Linux kernel is related to repeated release of allocated memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information.

A vulnerability in the create_snapshot() function in the fs/btrfs/ioctl.c module of the btrfs file system of the Linux kernel is related to the lack of an integrity check after disk deletion. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the kfd_svm.c component of the Linux kernel exists due to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of service.

A vulnerability in the stack_map_alloc() function in the kernel/bpf/stackmap.c module of the BPF subsystem of the Linux kernel on 32-bit architectures is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information.

A vulnerability in the htab_map_alloc() function in the kernel/bpf/hashtab.c module of the BPF subsystem of the Linux kernel on 32-bit architectures is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information.

A vulnerability in the gtp_init() function in the drivers/net/gtp.c module of the Linux kernel could allow an attacker to cause a denial of service.

A vulnerability in the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the ksmbd_nl_policy() function in the fs/smb/server/transport_ipc.c module of the SMB (Server Message Block) network protocol implementation of the in-kernel CIFS/SMB3 server ksmbd of the Linux kernel is related to reading memory outside the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information.

A vulnerability in the ip6_tnl_parse_tlv_enc_lim() function in the net/ipv6/ip6_tunnel.c module of the IPv6 protocol implementation of the Linux kernel is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the nf_tables_unbind_set() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux kernel is related to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A firmware vulnerability in Intel, AMD, ARM and IBM processors is related to the occurrence of speculative race conditions that can lead to access to already freed memory regions when the processor incorrectly predicts a branch in the code. Exploitation of the vulnerability allows an attacker to access protected memory from a program that does not have the appropriate privileges, by creating conditions for incorrect prediction of execution branches.

A vulnerability in the __smc_diag_dump() function in the net/smc/smc_diag.c module of the SMC protocol implementation of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the can_map_frag() function in the net/ipv4/tcp.c module of the IPv4 protocol implementation of the Linux kernel is related to the lack of necessary data correctness checks. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

A vulnerability in the unix_state_double_lock() function in the net/unix/af_unix.c module of the AF_UNIX sockets implementation of the Linux kernel is related to a violation of the synchronization mechanism. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the sock_orphan() function of the Linux kernel exists due to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information.

A vulnerability in the sr9800_bind() function in the drivers/net/usb/sr9800.c module of the Linux kernel is related to the lack of verification of the function's return code. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the reqsk_queue_alloc() function in the net/core/request_sock.c module of the TCP protocol implementation of the Linux kernel is related to flaws in the serialization mechanism leading to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the ext4_move_extents() function in the fs/ext4/move_extent.c module of the ext4 file system of the Linux kernel is related to repeated release of allocated memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the ipv6_mc_down() function in the net/ipv6/mcast.c module of the IPv6 protocol implementation of the Linux kernel is related to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the gtp_init() function in the drivers/net/gtp.c module of the GPRS protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the cdns3_gadget_ep_disable() function in the drivers/usb/cdns3/cdns3-gadget.c module of the Cadence USB driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availability of protected information.

A vulnerability in the llc_conn_handler() function in the net/llc/llc_conn.c module of the LLC protocol implementation of the Linux kernel is related to the use of uninitialized memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the netfilter component of the Linux kernel is related to the use of memory after its release in the nft_verdict_init() function in the net/netfilter/nf_tables_api.c module. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the wilc_netdev_cleanup() function in the drivers/net/wireless/microchip/wilc1000/netdev.c module of the Atmel WILC1000 driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the iwl_dbg_tlv_override_trig_node() function in the drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c module of the Intel iwlwifi wireless adapter driver of the Linux kernel is related to writes outside the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the __prep_cap() function in the fs/ceph/caps.c module of the ceph file system of the Linux kernel is related to the reuse of previously freed memory due to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow an attacker to impact the confidentiality and availability of protected information.

A vulnerability in the hugetlbfs_parse_param() function in the fs/hugetlbfs/inode.c module of the HugeTLB memory management system of the Linux kernel is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the qcom_rng_read() function of the qcom-rng.c component of the Linux kernel is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the rds_recv_track_latency() function in the net/rds/af_rds.c module of the RDS (Reliable Datagram Sockets) protocol implementation of the Linux kernel is related to reading memory outside the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availability of protected information.

A vulnerability in the hci_error_reset() function in the net/bluetooth/hci_core.c module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the llc_ui_sendmsg() function in the net/llc/af_llc.c module of the LLC2 protocol implementation of the Linux kernel is related to the use of incorrect data. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the dwc3_gadget_suspend() function in the drivers/usb/dwc3/gadget.c module of the DesignWare USB driver of the Linux kernel is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

OS | Version | Architecture | Package | Version | Filename
redos | 7.3 | x86_64 | kernel-lt | < 6.1.94-1 | UNKNOWN
