10792 matches found
UBUNTU-CVE-2024-40916
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortunately some variant...
CVE-2024-40975
CVE-2024-40975 affects the Linux kernel in platform/x86/x86-android-tablets code. The issue arises when a device is unregistered while consumers still hold references, with the regulator subsystem given as a concrete example. If a regulator is unregistered prematurely, a WARN() can be triggered (...
CVE-2024-40975 platform/x86: x86-android-tablets: Unregister devices in reverse order
In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Unregister devices in reverse order Not all subsystems support a device getting removed while there are still consumers of the device with a reference to the device. One example of this is the...
CVE-2024-40975 platform/x86: x86-android-tablets: Unregister devices in reverse order
In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Unregister devices in reverse order Not all subsystems support a device getting removed while there are still consumers of the device with a reference to the device. One example of this is the...
CVE-2024-40975 platform/x86: x86-android-tablets: Unregister devices in reverse order
In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Unregister devices in reverse order Not all subsystems support a device getting removed while there are still consumers of the device with a reference to the device. One example of this is the...
CVE-2024-40975
In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Unregister devices in reverse order Not all subsystems support a device getting removed while there are still consumers of the device with a reference to the device. One example of this is the...
USN-6895-1: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...
CVE-2024-38664
...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6896-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6896-1 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free...
USN-6893-1 linux, linux-azure, linux-gcp, linux-ibm, linux-intel, linux-lowlatency, linux-oem-6.8, linux-raspi vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...
USN-6893-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
Ubuntu: Security Advisory (USN-6866-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : Linux kernel (IBM) vulnerabilities (USN-6892-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6892-1 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6893-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...
USN-6866-3: Linux kernel (Azure) vulnerabilities
It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...
USN-6892-1: Linux kernel (IBM) vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in how it handles hardware failure when it occurs. This flaw allows a local user to potentially crash the system...
kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFTCHAIN object or NFTOBJECT object, allowing a local...
Security Bulletin: TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel
Summary TSSC/IMC is vulnerable to aritrary code excecution due to kernel. A patch has been provided that updates the kernel library. CVE-2022-42896, CVE-2023-1281, CVE-2023-1829, CVE-2023-2124, CVE-2023-2194, CVE-2023-2235. Vulnerability Details CVEID:CVE-2022-42896 DESCRIPTION: Linux Kernel coul...