83 matches found
CVE-2024-26597
In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...
Linux Kernel Security Vulnerability
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux Kernel that stems from the rmnetlinkops variable being assigned a larger maxtype, which can lead to a global out-of-bounds read when parsing netlink...
Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c
...
CVE-2023-5972 Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c
A null pointer dereference flaw was found in the nftinner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system...
Linux kernel out-of-bounds read vulnerability (CNVD-2023-70078)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a 4-byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing...
CVE-2023-3773
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
UBUNTU-CVE-2023-3773
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
CVE-2023-3773
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
Out-of-bounds
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
CVE-2023-3773
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
PT-2023-3971
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAP NET ADMIN privileges to cause a 4 byte...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0007) (Spectre)
The remote OracleVM system is missing necessary patches to address critical security updates : - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad Rzeszutek Wilk Orabug: 28870524 CVE-2018-3639 -...
Unbreakable Enterprise kernel security update
4.1.12-124.25.1 - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad Rzeszutek Wilk Orabug: 28870524 CVE-2018-3639 - x86/cpufeatures: rename X86FEATUREAMDSSBD to X86FEATURELSCFGSSBD Mihai Carabas Orabug:...
CVE-2017-9694
While parsing Netlink attributes in QCAWLANVENDORATTREXTSCANBSSIDHOTLISTPARAMSLOSTAPSAMPLESIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur...
Buffer overflow
While parsing Netlink attributes in QCAWLANVENDORATTREXTSCANBSSIDHOTLISTPARAMSLOSTAPSAMPLESIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur...
CVE-2017-9694
While parsing Netlink attributes in QCAWLANVENDORATTREXTSCANBSSIDHOTLISTPARAMSLOSTAPSAMPLESIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur...
CVE-2017-9717
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur...
CVE-2017-9717
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur...
Buffer overflow
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur...
CVE-2017-9717
CVE-2017-9717 affects Android for MSM, Firefox OS for MSM, and QRD Android builds based on CAF Linux kernel, where Netlink attribute parsing can trigger a buffer overread in WLAN-related code. The vulnerability is described across multiple sources as a buffer overread that may impact confidential...