CVE-2022-20235

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product:...

Memory corruption

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product:...

Ubuntu: Security Advisory (USN-5829-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the ALSA:pcm component (the audio subsystem of the Linux operating system), which allows a hacker to cause a service failure and gain unauthorized access to protected information.

The vulnerability of the ALSA:pcm component the audio subsystem of the Linux operating system is related to a synchronization violation in sndctlelemreaduser. Exploiting this vulnerability can allow an attacker to cause service failures and gain unauthorized access to protected information...

kernel: tcp: fix page frag corruption on page fault

A vulnerability was found in the Linux kernel's TCP subsystem in the tcpsendmsglocked function, which can lead to page fragment corruption during a page fault, which occurs when a TCP stream experiences nested access to the task page fragment due to a page fault while handling memory-mapped...

CVE-2022-20235

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product:...

CVE-2022-20235

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product:...

PT-2023-1959

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2 Description A flaw was found in the Linux kernel's OverlayFS subsystem, allowing unauthorized access to the execution of the setuid file with capabilities. This uid mapping bug enables a local user to escalat...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2023-025)

The version of kernel installed on the remote host is prior to 5.10.162-141.675. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-025 advisory. A vulnerability classified as problematic has been found in Linux Kernel. This affects the function...

CVE-2023-0266

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

Needle CVE-2023-0179 exploit This repository contains the e...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5814-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5814-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use...

USN-5815-1 linux-bluefield vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

Moderate: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

An update for Logging Subsystem 5.6.0 is now available for Red Hat OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Ubuntu: Security Advisory (USN-5808-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-52948

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm/dpu subsystem where unallocated resources can be returned. Specifically, if a topology requests resources not created by the system, the dpu r...

Null pointer dereference

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...

PT-2023-33377 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: A potential issue exists where a null check is missing before removing sysfs attributes in the coretemp component of the hwmon subsystem. The actual impact and attack plausibility have not...

PT-2023-33526 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue concerns the remoteproc subsystem, specifically the imx dsp rproc module, where a lack of mutex protection for the workqueue could potentially lead to security vulnerabilities. The...

PT-2023-33155 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to a null pointer check in the coretemp component of the hwmon subsystem. It was introduced in version v3.0 and fixed in version v6.0.12. The actual impact and attack...