Lucene search
K

192 matches found

BDU FSTEC
BDU FSTEC
added 2024/05/28 12:0 a.m.6 views

The vulnerability of the rds_recv_track_latency() function in the net/rds/af_rds.c module of the Linux operating system’s RDS (Reliable Datagram Sockets) kernel implementation allows a attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the rdsrecvtracklatency function in the net/rds/afrds.c module of the Linux operating system’s RDS Reliable Datagram Sockets implementation is related to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to...

9.4CVSS5.4AI score
Exploits0References18Affected Software1
SUSE CVE
SUSE CVE
added 2024/05/23 3:5 a.m.2 views

SUSE CVE-2021-47249

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rdsrecvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rdsrecvmsgstruct socket sock, struct msghdr msg, sizet size, int msgflags ... if...

3.3CVSS6.7AI score0.00236EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/10 12:0 a.m.64 views

AIX (IJ50934)

The version of AIX installed on the remote host is prior to APAR IJ50934. It is, therefore, affected by a vulnerability as referenced in the IJ50934 advisory. - IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Un...

8.1CVSS5.5AI score0.00146EPSS
Exploits0References3
OSV
OSV
added 2024/05/07 9:15 p.m.5 views

CVE-2024-27273

IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...

7.8CVSS5.8AI score0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/07 8:17 p.m.22 views

CVE-2024-27273 IBM AIX privilege escalation

IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...

8.1CVSS7.8AI score0.00146EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/04/19 2:18 a.m.6 views

SUSE CVE-2024-26865

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

7CVSS7.5AI score0.0023EPSS
Exploits0References9
OSV
OSV
added 2024/04/17 11:15 a.m.4 views

DEBIAN-CVE-2024-26865

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

7.8CVSS6AI score0.0023EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 11:15 a.m.5 views

UBUNTU-CVE-2024-26865

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

7.8CVSS6.3AI score0.0023EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2024/03/05 4:31 a.m.2 views

SUSE CVE-2023-52573

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rdsrdmacmeventhandlercmn check, if conn pointer exists before dereferencing it as rdmasetservicetype argument Found by Linux Verification Center linuxtesting.org with SVACE...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2024/01/23 9:15 a.m.13 views

AZL-33962 CVE-2024-23849 affecting package kernel for versions less than 5.15.153.1-1

In rdsrecvtracklatency in net/rds/afrds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDSMSGRXDGRAMTRACEMAX comparison, resulting in out-of-bounds access...

5.5CVSS6.5AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/22 12:0 a.m.6 views

PT-2024-3791 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a function in the Linux kernel's implementation of the Reliable Datagram Sockets RDS protocol. It involves reading memory beyond the allocated buffer, potential...

9.4CVSS6.4AI score
Exploits0References21
Ubuntu
Ubuntu
added 2023/06/01 9:41 p.m.78 views

USN-6134-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1CVSS7.5AI score0.0788EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/06/01 6:54 p.m.84 views

USN-6132-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.3AI score0.16642EPSS
Exploits7
OSV
OSV
added 2023/05/30 1:55 p.m.7 views

USN-6118-1 linux-oracle, linux-oracle-5.4 vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7AI score0.00635EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2023/05/30 1:55 p.m.80 views

USN-6118-1: Linux kernel (Oracle) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
OSV
OSV
added 2023/05/25 3:13 p.m.19 views

USN-6109-1 linux-raspi, linux-raspi-5.4 vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7AI score0.00635EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2023/05/25 3:13 p.m.76 views

USN-6109-1: Linux kernel (Raspberry Pi) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/22 7:58 p.m.75 views

USN-6096-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
OpenVAS
OpenVAS
added 2023/05/19 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-6090-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.00635EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/05/18 8:42 p.m.98 views

USN-6091-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
Rows per page
Query Builder