Lucene search
K

100 matches found

OSV
OSV
added 2022/09/17 1:6 a.m.7 views

GSD-2022-1006205 ALSA: timer: Use deferred fasync helper

ALSA: timer: Use deferred fasync helper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.4 views

PT-2022-34018 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.138 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versio...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.3 views

PT-2022-34206 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...

7.2AI score
Exploits0References1
OSV
OSV
added 2022/09/16 11:59 p.m.11 views

GSD-2022-1005468 ALSA: timer: Use deferred fasync helper

ALSA: timer: Use deferred fasync helper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.3 views

PT-2022-33726 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.5 views

PT-2022-33330 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2AI score
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2020/02/05 12:0 a.m.94 views

USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or...

10CVSS8.8AI score0.16908EPSS
Exploits1Affected Software1
Ubuntu
Ubuntu
added 2020/01/07 8:52 p.m.189 views

USN-4227-2: Linux kernel (Azure) vulnerabilities

USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...

10CVSS7.3AI score0.16908EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/01/07 12:0 a.m.119 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4227-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4227-1 advisory. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attack...

10CVSS7.5AI score0.16908EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2018/07/12 12:0 a.m.63 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)

The remote OracleVM system is missing necessary patches to address critical security updates : - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao CVE-2017-18203 - drm: udl: Properly check framebuffer mmap offsets Greg Kroah-Hartman Orabug: 27986407 CVE-2018-8781 - kernel/exit.c: avoid...

7.8CVSS7.2AI score0.04252EPSS
Exploits18References23
Tenable Nessus
Tenable Nessus
added 2017/12/11 12:0 a.m.98 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3658)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3658 advisory. - ping: implement proper locking Eric Dumazet Orabug: 26540288 CVE-2017-2671 - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 266759...

8.8CVSS7.5AI score0.17827EPSS
Exploits53References4
Tenable Nessus
Tenable Nessus
added 2017/12/11 12:0 a.m.70 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3657 advisory. - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 26675925 CVE-2017-7889 - more biomapuseriov leak fixes Al Viro Orabug: 27069042...

8.8CVSS7.5AI score0.16181EPSS
Exploits32References3
Oracle linux
Oracle linux
added 2017/12/07 12:0 a.m.85 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

8.8CVSS8.6AI score0.16181EPSS
Exploits32
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.53 views

Oracle Linux 7 : kernel (ELSA-2017-3315)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3315 advisory. - sound alsa: timer: Use common error handling code in alsatimerinit Jaroslav Kysela 1465998 1465999 CVE-2017-1000380 - sound alsa: timer: Adjust a condition...

5.5CVSS6.6AI score0.00721EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.49 views

RHEL 7 : kernel (RHSA-2017:3315)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3315 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues a...

5.5CVSS6.2AI score0.00721EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2017/11/30 3:18 p.m.5 views

kernel: information leak due to a data race in ALSA timer

It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users...

5.5CVSS7.1AI score0.00721EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/11/30 1:14 p.m.7 views

kernel: information leak due to a data race in ALSA timer

It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users...

5.5CVSS7.1AI score0.00721EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/06/17 6:0 p.m.21 views

CVE-2017-1000380

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same ti...

6AI score0.00721EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.45 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0163)

The remote OracleVM system is missing necessary patches to address critical security updates : - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 -...

7.8CVSS6.5AI score0.01213EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.121 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3644)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3644 advisory. - acpi: Disable ACPI table override if securelevel is set Linn Crosetto Orabug: 25058966 CVE-2016-3699 - aacraid: Check size values after...

7.8CVSS6.6AI score0.01393EPSS
Exploits9References11
Rows per page
Query Builder