CVE-2023-20687

In display drm, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570772; Issue ID: ALPS07570772...

CVE-2023-20679

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453...

USN-6001-1 linux-aws vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service connection termination or inject forged data. CVE-2020-36516 Ke Sun, Alyssa Milburn,...

Oracle Linux 8 : kernel (ELSA-2023-1566)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1566 advisory. - ovl: fail on invalid uid/gid mapping at copy up Miklos Szeredi 2165341 2165342 CVE-2023-0386 - ALSA: pcm: Move rwsem lock inside sndctlelemread to...

Ubuntu: Security Advisory (USN-6001-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

RHEL 8 : kernel (RHSA-2023:1554)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1554 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: ALSA: pcm: Move rwsem lock inside...

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

...

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

RHEL 8 : kernel-rt (RHSA-2023:1584)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1584 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

USN-5991-1: Linux kernel (GCP) vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

USN-5991-1 linux-gcp-4.15 vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

CVE-2022-42432

A flaw was found in the nftosfeval function in the netfilter subsystem of the Linux kernel. This issue results from the lack of proper initialization of memory prior to accessing it, and could allow a local privileged user to leak stale kernel stack data to userspace...

PT-2023-2068

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a deadlock flaw in the Linux kernel's BPF subsystem, which can be exploited by a local user to potentially crash the system. Additionally, there is a problem with...

PT-2023-3340 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the cpufreq subsystem of the Linux Kernel, specifically in the drivers/cpufreq/qcom-cpufreq-hw.c file. This issue is related to the qcom cpufreq hw cpu exit functio...

UBUNTU-CVE-2023-1652

A use-after-free flaw was found in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem...

Moderate: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update

An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5984-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5984-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-3303)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3303 advisory. - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to...