10812 matches found
kernel: drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties() failed due to alloc, property will be a...
kernel: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Can not set the @shared_hcd to NULL before decrease the usage count by usb_put_hcd(), this will cause the shared hcd not released...
kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
A flaw was found in the DRM subsystem in the Linux kernel. A NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service...
kernel: Linux kernel: Memory leak in RDMA/irdma subsystem leads to Denial of Service
A flaw was found in the Linux kernel's RDMA/irdma subsystem. When the irdma module is unloaded, certain memory objects (PBLEs) are not properly released, leading to a memory leak. A local attacker could repeatedly trigger this condition, causing system memory to be exhausted and resulting in a Deni...
kernel: net/mlx5e: Fix deadlock in tc route query code
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlock in tc route query code Cited commit causes ABBA deadlock[0] when peer flows are created while holding the devcom rw semaphore. Due to peer flows offload implementation the lock is taken much higher up the ca...
kernel: USB: fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: USB: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which...
kernel: net: fix NULL pointer in skb_segment_list
A flaw was found in the Linux kernel's net subsystem. A NULL pointer dereference can be triggered when a specific sequence of network events occurs due to an improper check, resulting in a denial of service...
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service...
kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c
A vulnerability was found in the Linux Kernel in the l2cap_conn_del in net/bluetooth/l2cap_core.c function in the Bluetooth component. This issue leads to a use-after-free problem...
kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c
A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach() call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a...
PT-2023-7188 · Microsoft · Local Security Authority Subsystem Service +1
Name of the Vulnerable Software and Affected Versions: Microsoft Local Security Authority Subsystem Service (affected versions not specified) Description: The issue is related to a lack of protection for service data in the Microsoft Local Security Authority (LSA) service in Microsoft Windows operati...
SUSE-SU-2023:4071-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attacker to disclose sensitive information. (bsc#1215861) - CVE-2023-3919...
The vulnerability of the KEYS subsystem in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the KEYS subsystem in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause service failures...
OESA-2023-1799 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. (CVE-2023-37453) An issue was discovered in the Linux kernel before...
OESA-2023-1798 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. (CVE-2023-37453) An issue was discovered in the Linux kernel before...
USN-6462-2: Linux kernel (IoT) vulnerabilities
Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) Yu Hao and Weite...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3217)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6465-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6465-3 advisory. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereferen...
Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6462-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6462-2 advisory. Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker...