ROS-20240830-01

2024-08-30 00:00:00
redos.red-soft.ru
5
linux kernel
vulnerability
denial of service
information security
component
exploitation
confidentiality
integrity
availability
memory release
incorrect locking
null pointer
race condition
slab boundaries
permissions
driver attempt
integer overflow
interlocking
usage error
invalid pointer

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 6.6
Confidence: High

A vulnerability in the rndis_set_response() function of the rndis component of the Linux kernel is related to the
“BufOffset + 8” operation, which can cause an integer overflow. Exploitation of the vulnerability
could allow an attacker to cause a denial of service.
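The arithmetic behind this class of bug, as an added illustration (not the kernel's code and not part of the advisory): a bounds check that computes "offset + 8" in 32-bit unsigned arithmetic can wrap, next to a form that cannot. The function names, the 32-bit width and the MSG_BUF_SIZE limit are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed limit standing in for the size of the message buffer. */
#define MSG_BUF_SIZE 1024u

/* Weak form: the sum is computed modulo 2^32, so an offset close to
 * UINT32_MAX wraps to a small number and passes the comparison. */
static int offset_ok_unchecked(uint32_t buf_offset, uint32_t buf_length)
{
    if (buf_offset + 8 >= MSG_BUF_SIZE)
        return 0;
    return buf_length <= MSG_BUF_SIZE;
}

/* Hardened form: bound each operand first, then compare using
 * subtractions that are known not to underflow. Accepts only when
 * buf_offset + 8 + buf_length fits inside MSG_BUF_SIZE. */
static int offset_ok_checked(uint32_t buf_offset, uint32_t buf_length)
{
    if (buf_offset > MSG_BUF_SIZE || buf_length > MSG_BUF_SIZE)
        return 0;
    if (buf_offset >= MSG_BUF_SIZE - 8)   /* offset + 8 >= size, no wrap */
        return 0;
    if (buf_length > MSG_BUF_SIZE - 8 - buf_offset)
        return 0;
    return 1;
}

int main(void)
{
    /* Constructed inputs: one ordinary offset, one that wraps. */
    const uint32_t offsets[] = { 16u, 0xFFFFFFF8u };
    for (size_t i = 0; i < sizeof offsets / sizeof offsets[0]; i++)
        printf("offset=0x%08x unchecked=%d checked=%d\n",
               (unsigned)offsets[i],
               offset_ok_unchecked(offsets[i], 4),
               offset_ok_checked(offsets[i], 4));
    return 0;
}
```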

A vulnerability in the drm/vrr component of the Linux operating system kernel is related to a driver attempt to call the
drm core set prop() function without a connection. Exploitation of the vulnerability could allow an attacker to cause a
denial of service.

A vulnerability in the ice_update_vsi_tx_ring_stats() function of the ice component of the Linux operating system kernel
is related to dereferencing a NULL pointer in a procedure that updates Tx statistics. Exploitation
of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the net/packet component of the Linux kernel is related to access outside of the
slab boundaries in packet_recvmsg(). Exploitation of the vulnerability could allow an attacker to affect the
confidentiality, integrity and availability of protected information.

A vulnerability in the ice component of the Linux operating system kernel is related to a race condition that
can lead to a deadlock when an interface leaves the LAG and immediately re-enters the LAG.
Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the tracing/osnoise component of the Linux operating system kernel is related to improper handling of
permissions. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity
and availability of protected information.

A vulnerability in the gadget component of the Linux operating system kernel is related to a use-after-free
error caused by failure to set udc->dev.driver. Exploitation of the vulnerability could allow an attacker to
cause a denial of service.

A vulnerability in the mpt3sas component of the Linux operating system kernel is related to the release of an invalid
pointer or reference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the vmscan component of the Linux operating system kernel is related to incorrect locking.
Exploitation of the vulnerability could allow an attacker to cause a denial of service.

OS     Version  Architecture  Package    Version     Filename
redos  7.3      x86_64        kernel-lt  < 6.1.94-1  UNKNOWN
