Ubuntu 22.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5752-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5752-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-fr...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5706-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5706-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5700-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5700-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free...

USN-5692-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oem-5.14, linux-oracle, linux-raspi vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5693-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5693-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-fr...

[ASA-202210-2] linux: multiple issues

Arch Linux Security Advisory ASA-202210-2 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux Type : multiple issues Remote : Yes Link :...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2022-2466)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A race condition in the Linux kernel before 5.6.2 between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5654-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5654-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

USN-5650-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 It was...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5650-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5650-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5635-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5635-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

USN-5633-1 linux-gcp, linux-gke, linux-raspi vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5630-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5630-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5621-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5621-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an...

USN-5592-1 linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the virtual terminal driver in the...

Exploit for Use After Free in Linux Linux_Kernel

2022-LPE-UAF Security researchers discovered 3 vulnerabiliti...

USN-5560-1 linux, linux-aws, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5557-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...