Microsoft Client Server Run-time Subsystem (CSRSS) 安全漏洞

The Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation in the United States that manifests itself as the csrss.exe process. It is a component of the Windows NT family of operating systems, appearing in Windows NT 3.1 and subsequent systems,...

KLA48553 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...

Microsoft Client Server Run-time Subsystem (CSRSS) 安全漏洞

The Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation in the United States that manifests itself as the csrss.exe process. It is a component of the Windows NT family of operating systems, appearing in Windows NT 3.1 and subsequent systems,...

CVE-2023-22301

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

CVE-2023-22436

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-24465

Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash...

Memory corruption

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

Privilege escalation

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-24465

CVE-2023-24465 affects the OpenHarmony Wi‑Fi subsystem in OpenHarmony v3.1.4 and earlier (and v3.0.7 and earlier). The vulnerability is a null pointer dereference in the Communication Wi‑Fi subsystem, exploitable by local attackers to crash the current application (local impact). The issue is tie...

CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

OpenHarmony 代码问题漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony-v3.1.4 version and earlier, OpenHarmony-v3.0.7 version and earlier, which stems from a null pointer reference...

PT-2023-19623 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.1.4 OpenHarmony versions prior to 3.0.7 Description: The Communication Wi-Fi subsystem has a null pointer reference issue that can be exploited by local attackers to cause the current application to crash...

CentOS 7 : kernel (RHSA-2023:1091)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1091 advisory. - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anonvma double reuse. CVE-2022-42703 - A stack overflow flaw was fou...

RHEL 8 : kernel (RHSA-2023:1109)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1109 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and...

Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5938-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5938-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2023-1507)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernels filesystem sub-component. This flaw allows a local attacker...

USN-5939-1: Linux kernel (GCP) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5938-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

Moderate: Red Hat Security Advisory: Logging Subsystem 5.4.12 - Red Hat OpenShift

Logging Subsystem 5.4.12 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...