82 matches found
SUSE CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...
SUSE CVE-2023-2860
An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This fla...
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
...
AZL-26689 CVE-2023-2513 affecting package kernel for versions less than 5.15.112.1-1
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
UBUNTU-CVE-2023-2513
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
SUSE CVE-2023-2513
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-3170)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3170 advisory. - An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name...
SUSE CVE-2016-9922
The cirrusdocopy function in hw/display/cirrusvga.c in QEMU aka Quick Emulator, when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service divide-by-zero error and QEMU process crash via vectors involving blit pitch values...
SUSE CVE-2022-21136
Improper input validation for some IntelR XeonR Processors may allow a privileged user to potentially enable denial of service via local access...
AIX (IJ42677)
The version of AIX installed on the remote host is prior to APAR IJ42677. It is, therefore, affected by a vulnerability as referenced in the IJ42677 advisory. - IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflo...
CVE-2022-43848
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169...
CVE-2022-43381 IBM AIX denial of service
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639...
CVE-2022-31239
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data...
Command injection
Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters...
Race condition
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTLDSPSYNC ioctl. A privileged local user root or member of the audio group could use this flaw to crash the system, resulting in a denial...
CVE-2022-28709
Improper access control in the firmware for some IntelR E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access...
CVE-2022-31599
NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to oth...
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
...
AIX : Multiple Vulnerabilities (IJ37501)
The version of AIX installed on the remote host is prior to APAR IJ37501. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ37501 advisory. - IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cau...
CVE-2021-4090
An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...