10827 matches found
USN-5938-1: Linux kernel (GKE) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.4.12 - Red Hat OpenShift
Logging Subsystem 5.4.12 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.5.8 - Red Hat OpenShift
Logging Subsystem 5.5.8 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.3 - Red Hat OpenShift
Logging Subsystem 5.6.3 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2023:0635-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:0635-1 advisory. This update for the Linux Kernel 5.14.21-150400155 fixes one issue. The following security issue was fixed: - CVE-2023-0179: Fixed incorrect arithmetic...
Ubuntu: Security Advisory (USN-5935-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-609-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1444)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel's filesystem sub- component. This flaw allows a local...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
USN-5929-1: Linux kernel (Raspberry Pi) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2023-1249
A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 "coredump: Use the vma snapshot in fillfilesnote" not applied yet, then kernel could be affected...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
USN-5927-1: Linux kernel (Azure) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
The vulnerability of the inode_cgwbMove_to_attached() function in the fs/fs-writeback.c component of Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the inodecgwbmovetoattached function in the fs/fs-writeback.c component of Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
PT-2023-35493 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.306 Description: The issue is related to the usb bulk msg function in the Linux Kernel's USB subsystem. It involves passing act len in the error path, which may have potential security implications. The...
USN-5925-1: Linux kernel vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...