3436 matches found
GSD-2022-1001269 f2fs: fix missing free nid in f2fs_handle_failed_inode
f2fs: fix missing free nid in f2fshandlefailedinode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001119 ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
ubifs: Fix deadlock in concurrent rename whiteout and inode writeback This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001040 ceph: fix inode reference leakage in ceph_get_snapdir()
ceph: fix inode reference leakage in cephgetsnapdir This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...
USN-5302-1: Linux kernel (OEM) vulnerabilities
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
...
The vulnerability in the `drivers/usb/gadget/legacy/inode.c` component of Linux kernel allows a hacker to cause a service failure.
The vulnerability in the drivers/usb/gadget/legacy/inode.c component of Linux operating systems is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the `drivers/usb/gadget/legacy/inode.c` component of Linux kernel allows a hacker to cause a service failure.
The vulnerability in the drivers/usb/gadget/legacy/inode.c component of Linux operating systems is related to a memory release error. Exploiting this vulnerability can allow an attacker to cause a service failure...
DEBIAN-CVE-2022-24958
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...
CVE-2022-24958
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...
AZL-8525 CVE-2022-24958 affecting package kernel for versions less than 5.15.32.1-2
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...
UBUNTU-CVE-2022-24958
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from an error in the handling of dev-buf in the product /usb/gadget/legacy/inode.c file. The following products...
Vulnerabilities that aren’t. ETag headers
This time were looking at the ETag Entity Tag header. I take some of the blame for this one as I first added a dissector of the header to Nikto’s headers plugin back in 2008, then other scanners added it. What Is It? The header is a simplistic method of helping the user-agent identify whether it...
The vulnerability of the `ntfs inode_real_open` function in the NTFS file system driver for the FUSE NTFS-3G module, related to writing beyond the buffer boundary, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ntfs inoderealopen function in the NTFS file system driver for the FUSE NTFS-3G module is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of the ntfs inode_lookup_by_name function in the NTFS file system driver for the FUSE NTFS-3G module, related to buffer overflow attacks, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ntfs inodelookupbyname function in the NTFS file system driver for the FUSE NTFS-3G module is related to buffer overflow attacks. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures through th...
The vulnerability of the ntfs inode_lookup_by_name function in the NTFS file system driver for the FUSE NTFS-3G module relates to writing beyond the buffer boundaries in memory. This allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ntfs inodelookupbyname function in the NTFS file system driver for the FUSE NTFS-3G module is related to the lack of length checking for attributes. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service...
kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations
A denial of service flaw was found in fusedogetattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. A local user could use this flaw to crash the system...
CVE-2021-45469
In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry...
CVE-2021-45469
In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry...
A crafted NTFS image can trigger an out-of-bounds access caused by an unsanitized attribute length in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.
...