Lucene search
K

2566 matches found

CVE
CVE
added 2023/07/04 4:46 a.m.113 views

CVE-2023-21672

CVE-2023-21672 is a memory corruption issue in Qualcomm Audio when concurrent tunnel playback or concurrent audio tunnel recording sessions occur. The vulnerability affects Qualcomm components (Audio) and has a high impact with local attack vector; CVSS details indicate high confidentiality, inte...

8.4CVSS8.1AI score0.00111EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/04 4:46 a.m.25 views

CVE-2023-21672 Use After Free in Audio

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions...

8.4CVSS8.8AI score0.00111EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/04 12:0 a.m.5 views

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue when running concurrent tunnel playback or concurrent audio tunnel recording...

8.4CVSS7.4AI score0.00111EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/04 12:0 a.m.5 views

PT-2023-18333 · Qualcomm · Snapdragon +51

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the audio component when concurrent tunnel playback or audio tunnel recording sessions are running. This can...

8.4CVSS6.8AI score0.00111EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/30 12:0 a.m.5 views

The vulnerability of the dm1105_remove() function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system can be exploited by an attacker, thereby compromising the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dm1105remove function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...

7CVSS6.4AI score0.00198EPSS
Exploits0References40Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.7 views

The vulnerability of the ravbremove() function in the drivers/net/ethernet/renesas/ravb_main.c file of the network device driver for the Linux operating system’s kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ravbremove function in the drivers/net/ethernet/renesas/ravbmain.c file of the Renesas network device driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...

7CVSS6.4AI score0.00189EPSS
Exploits0References15Affected Software4
RedHat Linux
RedHat Linux
added 2023/06/21 8:49 a.m.9 views

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00253EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.5 views

The vulnerability of the r592remove() function in the drivers/memstick/host/r592.c kernel module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the r592remove function in the drivers/memstick/host/r592.c kernel module of the Linux operating system is related to the use of previously freed memory due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to compromise t...

7.1CVSS6.4AI score0.00437EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.4 views

The vulnerability of the f2fs_write_end_io() function in the fs/f2fs/data.c file of the Linux kernel’s file system f2fs allows a privileged attacker to cause a service failure.

The vulnerability of the f2fswriteendio function in the fs/f2fs/data.c file of the Linux operating system’s file system f2fs is related to the swapping of the zero pointer from a concurrent access resource in a race condition. Exploiting this vulnerability could allow an attacker to cause service...

4.7CVSS6.1AI score0.00195EPSS
Exploits0References14Affected Software5
OSV
OSV
added 2023/06/03 11:5 a.m.2 views

OESA-2023-1303 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement...

6.7CVSS5AI score0.00444EPSS
Exploits1References3
CNVD
CNVD
added 2023/05/30 12:0 a.m.40 views

Linux kernel resource management error vulnerability (CNVD-2023-48540)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the incorrect handling of per-CPU sequence counts during concurrent iptables rule...

6.7CVSS6.4AI score0.00444EPSS
Exploits1References1
Prion
Prion
added 2023/05/21 11:15 p.m.30 views

Double free

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAPNETADMIN capability in an...

4CVSS6.1AI score0.00444EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/05/21 11:15 p.m.3 views

UBUNTU-CVE-2020-36694

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAPNETADMIN capability in an...

6.7CVSS6.7AI score0.00444EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.8 views

The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller kernel in the Linux operating system, located in the emacremove() function, allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller driver for the Linux operating system is related to concurrent access to resources due to incorrect synchronization in the emacremove function within the drivers/net/ethernet/qualcomm/emac/emac.c module. Exploiting th...

6.4CVSS6.8AI score
Exploits0References12Affected Software3
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.4 views

kernel: dm integrity: Fix UAF in dm_integrity_dtr()

A use-after-free vulnerability was found in the Linux kernel's device mapper integrity subsystem. When dmresume and dmdestroy execute concurrently, a timer may fire and access freed memory because dmintegritydtr did not properly cancel the timer before freeing resources. The fix adds an additiona...

5.8AI score0.00176EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.8 views

kernel: drm/i915/reset: Fix error_state_read ptr + offset use

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

5.5CVSS6.3AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.6 views

kernel: dm thin: Fix UAF in run_timer_softirq()

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

6.6AI score0.00229EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: dm cache: Fix UAF in destroy()

In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in destroy...

7.8CVSS6.7AI score0.00157EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/16 12:0 a.m.3 views

PT-2023-24110 · Jenkins · Jenkins Pipeline: Job Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Job Plugin versions 1292.v27d8cc3e2602 and earlier Description: The Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site...

7.5CVSS5.4AI score0.00586EPSS
Exploits0References7
Veracode
Veracode
added 2023/05/15 6:0 a.m.21 views

Race Condition

org.opensearch.plugin:opensearch-security is vulnerable to a Race Condition. Improper access authorization can occur from exceedingly rare race condition in the application which results in the failure to apply the fine-grained access control rules to queries. When the query cache eviction occurs...

5.9CVSS6.8AI score0.0046EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder