CVE-2023-21151

CVE-2023-21151 affects the Google BMS kernel module in the Android kernel (Pixel devices). The issue is a heap buffer overflow that can cause an out-of-bounds write, enabling local escalation of privileges to System level. Exploitation requires local access; user interaction is not needed. Public...

SUSE CVE-2023-3022

A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...

PUB-A-265149414

In the Google BMS kernel module, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

The vulnerability of the rcu_barrier() function in the ksmbd module of Linux operating systems allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the rcubarrier function in the ksmbd module of Linux kernels is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

CVE-2023-33288

A use-after-free flaw was found in bq24190remove in drivers/power/supply/bq24190charger.c in the power subsystem in the Linux Kernel. This flaw allows a local attacker to crash the system due to a race problem. Mitigation In order to mitigate this issue it is possible to prevent the affected code...

kernel: remote DoS in TIPC kernel module

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2023-28410

A flaw was found in the Linux kernel i915 graphics driver that improperly restricts operations within the bounds of a memory buffer. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. Mitigation Preventing loading the i915 kernel module...

kernel: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup

A flaw was found in the rdmarxe module in the Linux kernel. A NULL pointer dereference can be triggered when an error occurs due to an improper check, resulting in a denial of service...

Moderate: Red Hat Security Advisory: device-mapper-multipath security and bug fix update

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

ALSA-2023:2948 Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

Moderate: Red Hat Security Advisory: device-mapper-multipath security and bug fix update

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags

A flaw was found in the nvme module in the Linux kernel. A NULL pointer dereference can be triggered due to improper error management when the blkmqinitqueue function fails to set up the queue, resulting in a denial of service...

kernel: Linux kernel ALSA mts64 module: Denial of Service via null pointer dereference

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture mts64 module. A local user can trigger a null pointer dereference in the sndmts64interrupt function by repeatedly loading and unloading the snd-mts64 module. This can lead to a kernel panic, resulting in a Denial of...

kernel: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()

A flaw was found in the qedr module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

ALSA-2023:2459 Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-1824)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack...

RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

SUSE CVE-2015-2308

Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...