Lucene search
+L

346 matches found

redhat
redhat
added 2023/11/07 9:3 a.m.3 views

kernel: net/sched: flower: fix filter idr initialization

A flaw was found in the Linux kernel’s networking traffic control flower classifier. The initialization of the filter IDR was moved too early in the flchange path, allowing concurrent access by multiple users while the structure was still in an inconsistent state. Under certain conditions, this...

5.8AI score0.00155EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2023/10/09 12:0 a.m.7 views

The vulnerability of the pfn_swap_entry_to_page() function in the include/linux/swapops.h module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the pfnswapentrytopage function in the include/linux/swapops.h module of the Linux kernel is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause a service failure...

4.7CVSS6.2AI score0.00179EPSS
Exploits0References6Affected Software1
bdu_fstec
bdu_fstec
added 2023/09/29 12:0 a.m.11 views

The vulnerability of the __ip_set_put_netlink() function in the net/netfilter/ipset/ip_set_core.c module of the netfilter kernel of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the ipsetputnetlink function in the net/netfilter/ipset/ipsetcore.c module of the netfilter component of the Linux operating system is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service interruptions...

4.7CVSS6.4AI score0.00275EPSS
Exploits1References14Affected Software4
bdu_fstec
bdu_fstec
added 2023/08/01 12:0 a.m.4 views

The vulnerability of the idt77252_exit() function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the idt77252exit function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...

7CVSS6.6AI score0.00405EPSS
Exploits1References27Affected Software3
bdu_fstec
bdu_fstec
added 2023/07/21 12:0 a.m.6 views

The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows a attacker to escalate their privileges and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...

7.8CVSS6.5AI score0.0205EPSS
Exploits0References15Affected Software5
bdu_fstec
bdu_fstec
added 2023/06/30 12:0 a.m.6 views

The vulnerability of the dm1105_remove() function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system can be exploited by an attacker, thereby compromising the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dm1105remove function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...

7CVSS6.4AI score0.00198EPSS
Exploits0References40Affected Software5
bdu_fstec
bdu_fstec
added 2023/06/26 12:0 a.m.10 views

The vulnerability of the ravbremove() function in the drivers/net/ethernet/renesas/ravb_main.c file of the network device driver for the Linux operating system’s kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ravbremove function in the drivers/net/ethernet/renesas/ravbmain.c file of the Renesas network device driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...

7CVSS6.4AI score0.00189EPSS
Exploits0References15Affected Software4
bdu_fstec
bdu_fstec
added 2023/06/16 12:0 a.m.5 views

The vulnerability of the r592remove() function in the drivers/memstick/host/r592.c kernel module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the r592remove function in the drivers/memstick/host/r592.c kernel module of the Linux operating system is related to the use of previously freed memory due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to compromise t...

7.1CVSS6.4AI score0.00437EPSS
Exploits0References18Affected Software5
bdu_fstec
bdu_fstec
added 2023/06/05 12:0 a.m.7 views

The vulnerability of the f2fs_write_end_io() function in the fs/f2fs/data.c file of the Linux kernel’s file system f2fs allows a privileged attacker to cause a service failure.

The vulnerability of the f2fswriteendio function in the fs/f2fs/data.c file of the Linux operating system’s file system f2fs is related to the swapping of the zero pointer from a concurrent access resource in a race condition. Exploiting this vulnerability could allow an attacker to cause service...

4.7CVSS6.1AI score0.00197EPSS
Exploits0References14Affected Software5
bdu_fstec
bdu_fstec
added 2023/05/17 12:0 a.m.10 views

The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller kernel in the Linux operating system, located in the emacremove() function, allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller driver for the Linux operating system is related to concurrent access to resources due to incorrect synchronization in the emacremove function within the drivers/net/ethernet/qualcomm/emac/emac.c module. Exploiting th...

6.4CVSS6.8AI score
Exploits0References12Affected Software3
ptsecurity
ptsecurity
added 2023/05/09 12:0 a.m.7 views

PT-2025-8513 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue exists around sysctl fib multipath use neigh. The value of sysctl fib multipath use neigh can be changed concurrently while it is being read, which requires the use o...

8.8CVSS6.8AI score0.03763EPSS
Exploits13References285
susecve
susecve
added 2023/02/15 4:27 a.m.5 views

SUSE CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

7CVSS7.6AI score0.00523EPSS
Exploits0References30
susecve
susecve
added 2023/02/15 4:22 a.m.4 views

SUSE CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...

5.3CVSS6.9AI score0.0053EPSS
Exploits0References14
susecve
susecve
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-35513

A flaw incorrect umask during file or directory modification in the Linux kernel NFS network file system functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with...

4.4CVSS6.1AI score0.01347EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/02/08 12:0 a.m.8 views

PT-2023-16492 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to a Race Condition, which occurs due to concurrent execution using a shared resource with improper synchronization. This problem is identified in the GitHub repositor...

8.1CVSS8.3AI score0.0069EPSS
Exploits1References10
redhat
redhat
added 2022/10/04 3:53 p.m.7 views

wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled

A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...

5.3CVSS5.8AI score0.00842EPSS
Exploits0References4
redhat
redhat
added 2022/10/04 3:35 p.m.13 views

wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled

A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...

5.3CVSS5.8AI score0.00842EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/07/12 12:0 a.m.6 views

October CMS 竞争条件问题漏洞

October CMS is an open source content management system CMS based on PHP and Laravel web application framework. October CMS suffers from a Competing Conditions Issue vulnerability. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...

8.1CVSS6.1AI score0.01358EPSS
Exploits0References4
cnvd
cnvd
added 2022/07/08 12:0 a.m.33 views

Multiple MediaTek Chips Competitive Condition Vulnerabilities

MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things IoT products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...

6.4CVSS6.4AI score0.00085EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/07/06 12:0 a.m.7 views

MediaTek 芯片竞争条件问题漏洞

MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things IoT products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...

6.4CVSS5.8AI score0.00085EPSS
Exploits0References3
Rows per page
Query Builder