RedosROS-20240909-03ROS-20240909-03
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
Vulnerability of the optee_register_device() function in the drivers/tee/optee/device.c module of the Trusted
Execution Environment (TEE) module of the Linux kernel is related to incorrect processing of the return code.
return code. Exploitation of the vulnerability could allow an attacker to cause a denial of service
Vulnerability of ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c module of IPv4 protocol implementation of Linux kernel is related to incorrect processing of return code.
of the Linux operating system is related to incorrect processing of the network packet header. Exploitation
exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information.
availability of protected information
Vulnerability of sparx5_del_mact_entry() function in module
drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c of the sparx5 driver of the Linux kernel
is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow
an attacker to cause a denial of service
Vulnerability in bnx2x_set_fw_mac_addr() function in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h module
of the Broadcom NetXtremeII 10Gb driver of the Linux operating system kernel is related to the reuse of the
of previously freed memory due to competitive access to the resource (race condition). Exploitation of the
of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the mtk_spi_interrupt() function in the drivers/spi/spi-mt65xx.c module of the Mediatek SPI driver of the kernel of the
of Linux operating system is related to null pointer dereferencing. Exploitation of the vulnerability could
allow an attacker to cause a denial of service
A vulnerability in the sev_mem_enc_register_region() function in the arch/x86/kvm/svm/sev.c module of the KVM component of the KVM kernel of the
of Linux operating system is related to reuse of previously freed memory. Exploitation
of the vulnerability could allow an attacker to cause a denial of service
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High