10817 matches found
Fedora 37 : kernel (2023-50bd7c9c12)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-50bd7c9c12 advisory. The 6.5.6 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12858)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12858 advisory. - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824286 CVE-2023-42753 - rds: Fix lack of...
CVE-2023-39192
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
CVE-2023-39189
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
AZL-31270 CVE-2023-39193 affecting package kernel for versions less than 5.15.135.1-2
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
DEBIAN-CVE-2023-39193
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
CVE-2023-39194
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...
DEBIAN-CVE-2023-39192
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
CVE-2023-39193
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
AZL-31266 CVE-2023-39192 affecting package kernel for versions less than 5.15.135.1-2
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
Information disclosure
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...
CVE-2023-39189
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
CVE-2023-39194
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...
CVE-2023-39192
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
Information disclosure
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
Information disclosure
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
UBUNTU-CVE-2023-39194
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...
UBUNTU-CVE-2023-39192
A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...
CVE-2023-39193
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
CVE-2023-39194
CVE-2023-39194 – The Apollo/CVE entry documents a flaw in the Linux kernel XFRM subsystem: during processing of state filters, an out-of-bounds read past the end of an allocated buffer can be triggered by a local attacker with CAP_NET_ADMIN privileges, potentially leading to information disclosur...