5 matches found
USN-6072-1 linux-oem-6.0 vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
USN-6027-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Jiasheng Jiang discovered that the HSA...
Important: kernel-livepatch-5.10.165-143.735
Issue Overview: The upstream bug report describes this issue as follows: A flaw found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type...
Important: kernel
Issue Overview: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L...
DEBIAN-CVE-2023-26545
In the Linux kernel before 6.1.13, there is a double free in net/mpls/afmpls.c upon an allocation failure for registering the sysctl table under a new location during the renaming of a device...