15 matches found
GSD-2022-1005549 btrfs: replace BTRFS_MAX_EXTENT_SIZE with fs_info->max_extent_size
btrfs: replace BTRFS_MAX_EXTENT_SIZE with fs_info->max_extent_size. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.64 by commit...
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM
Impact: A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing ...
PT-2022-33695 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to the removal of vmemmap pages from kmemleak in put page bootmem. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-33714 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to the prohibition of usage of non-balanced queue id in the ice xsk component. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-33713 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to use-after-free bugs caused by pn532 cmd timeout in the pn533 NFC component. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-33684 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to an overflow while configuring a loop. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.6...
PT-2022-33704 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: A data-race issue exists around netdev budget. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.64, update to...
PT-2022-33724 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to a null pointer dereference in the xfrm policy metadata dst-dev xmit. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-33705 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue concerns a data-race around sysctl max skb frags. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.64,...
PT-2022-33687 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15.42 through v5.15.63 Description: The issue is related to the Arm Cortex-A76 and concerns the match list for erratum 1286807. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-33702 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue concerns a data-race around sysctl fb tunnels only for init net. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
PT-2022-33682 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: A potential security issue exists due to improper reversion of changes when the vc resize function fails. The actual impact and attack plausibility have not yet been proven. Recommendations...
PT-2022-33693 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to a double free of GS and RI CBs on fork failure. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior ...
PT-2022-33657 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15.64 through v5.15.65 Description: The issue is related to a null-ptr dereference in the alloc-vma vm mm. It was introduced in version v5.15.64 and fixed in version v5.15.66. The actual impact and attack plausibility...
PT-2022-33710 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue concerns data-races around weight p and dev weight rtx bias. It was introduced in version v4.11 and fixed in version v5.15.64. The actual impact and attack plausibility have not y...