10827 matches found
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1551)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12196)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12196 advisory. - l2tp: Serialize access to skuserdata with skcallbacklock Jakub Sitnicki Orabug: 34951574 CVE-2022-4129 - wifi: rndiswlan: Prevent buffer overflo...
USN-5962-1 linux-intel-iotg vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
UBUNTU-CVE-2023-28466
dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
RHEL 8 : kpatch-patch (RHSA-2023:1251)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1251 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
Ubuntu 22.10 : Linux kernel (KVM) vulnerabilities (USN-5950-1)
The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5950-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...
The vulnerability of the KVM virtualization subsystem in AMD Secure Encrypted Virtualization (SEV) in the virt/kvm/kvm_main.c kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the KVM virtualization subsystem in AMD Secure Encrypted Virtualization SEV in the virt/kvm/kvmmain.c kernel of the Linux operating system is related to a breach of processor cache integrity. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the wireless communication subsystem in the Linux kernel’s net/mac802154/llsec.c module, which allows a hacker to cause a service failure.
The vulnerability in the wireless communication subsystem of the Linux kernel’s net/mac802154/llsec.c module relates to the assignment of a null pointer in the llseckeyalloc function during network connection termination. Exploiting this vulnerability could allow an attacker to cause a service...
USN-5951-1: Linux kernel (IBM) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
CVE-2023-23409
Client Server Run-Time Subsystem CSRSS Information Disclosure Vulnerability...
CVE-2023-23394
Client Server Run-Time Subsystem CSRSS Information Disclosure Vulnerability...
CVE-2023-23394
Client Server Run-Time Subsystem CSRSS Information Disclosure Vulnerability...
Information disclosure
Client Server Run-Time Subsystem CSRSS Information Disclosure Vulnerability...
Information disclosure
Client Server Run-Time Subsystem CSRSS Information Disclosure Vulnerability...
CVE-2023-23409 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
...
CVE-2023-23394 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...