139 matches found
CVE-2023-1998 affecting package kernel for versions less than 5.15.111.1-1
CVE-2023-1998 affecting package kernel for versions less than 5.15.111.1-1. A patched version of the package is available...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:2231-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2231-1 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were...
SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:2163-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2163-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following...
SUSE: Security Advisory (SUSE-SU-2023:2162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:2147-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation bsc1210498. -...
SUSE-SU-2023:2141-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation bsc1210986. -...
CVE-2023-1998 Spectre v2 SMT mitigations problem in Linux kernel
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...
CVE-2023-1998 Spectre v2 SMT mitigations problem in Linux kernel
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...
Linux Kernel 6.2 - Userspace Processes To Enable Mitigation
Exploit Title: Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit Author: nu11secur1ty CVE ID: CVE-2023-1998 Description Summary The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as...
CVE-2023-1998
creationtimestamp| type| source ---|---|--- 2023-04-13 15:42:30+00:00| published-proof-of-concept| https://t.me/crackcodes/3217 2023-04-13 18:02:40+00:00| published-proof-of-concept| Telegram/nOV8ZEE9XYwGsit57jb8YQy3NY154LLs4S99UuDLS8Of 2023-04-13 22:37:28+00:00| published-proof-of-concept|...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-138)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-138 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmmmodeconfiginit CVE-2022-50556 A double-free vulnerability was found in the...
Amazon Linux 2 : libsndfile (ALAS-2023-1998)
The version of libsndfile installed on the remote host is prior to 1.0.25-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1998 advisory. An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially...
SUSE CVE-2013-1998
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XGetDeviceButtonMapping, 2 XIPassiveGrabDevice, and 3 XQueryDeviceState functions...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 use-after-free vulnerability in function scosocksendmsg...
Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 use-after-free vulnerability in function scosocksendmsg CVE-2021-3640 smb2ioctlqueryinfo NULL pointer dereferenc...
CVE-2022-1998 affecting package kernel 5.10.117.1-2
CVE-2022-1998 affecting package kernel 5.10.117.1-2. A patched version of the package is available...
CVE-2022-1998 affecting package kernel for versions less than 5.15.48.1-2
CVE-2022-1998 affecting package kernel for versions less than 5.15.48.1-2. A patched version of the package is available...
CVE-2022-1998
creationtimestamp| type| source ---|---|--- 2022-06-09 18:33:22+00:00| seen| https://t.me/cibsecurity/44098...
CVE-2022-1998
The CVE-2022-1998 entry concerns a use-after-free in the Linux kernel's File System notify path, specifically in the way a user-triggered copy_info_records_to_user() call may fail in copy_event_to_user(). The issue could allow a local attacker to crash the system and potentially escalate privileg...