PT-2023-33277 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.160 Description: The issue is related to the pinctrl subsystem in the Linux Kernel, specifically with the mediatek driver. It involves starting up with IRQs disabled. The actual impact and potential for...

PT-2023-33372 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.4.178 through 5.4.225 Description: The issue concerns a bounds check for sx controls in the ASoC: ops component. It was introduced in version v5.4.178 and fixed in version v5.4.226. The actual impact and attack...

PT-2023-33305 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: A potential security issue has been identified in the Linux Kernel, related to the ASoC: soc-pcm component. The issue involves a lack of NULL check in BE reparenting. The actual impact and...

PT-2023-33341 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.228 Description: The issue is related to the pinctrl subsystem in the Linux Kernel, specifically with the mediatek driver. It involves starting up with IRQs disabled. The actual impact and potential for...

PT-2023-33286 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: The issue concerns a bounds check in the nfc target arrays within the nci component of the NFC subsystem. It was introduced in version v3.4 and fixed in version v5.10.159. The actual impac...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5809-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5809-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause...

Linux kernel 代码问题漏洞

Linux kernel, the kernel used by the Linux Foundation's open source operating system Linux, is vulnerable to a denial-of-service attack in versions of Linux kernel prior to 6.1.6. In affected versions of the Linux kernel, a NULL pointer dereference error in the flow control subsystem allows an...

CVE-2022-47929

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...

CVE-2022-47929

CVE-2022-47929 is a Linux kernel vulnerability: a NULL pointer dereference in the traffic control subsystem (affecting qdisc_graft in net/sched/sch_api.c) that allows an unprivileged user to trigger a denial of service (system crash) via crafted tc qdisc/class configurations. Exploitation is loca...

USN-5804-2: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

USN-5804-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-5.4, linux-hwe, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

kernel security and bug fix update

4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1147)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12017)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12017 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882775 CVE-2022-4378 - proc: avoid integer type confusi...

Ubuntu 22.10 : Linux kernel (IBM) vulnerabilities (USN-5793-4)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-4 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-3)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-3 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-3 advisory. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free...

CVE-2023-21680

Windows Win32k Elevation of Privilege Vulnerability...

USN-5793-3: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...