PT-2022-7360

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free flaw was found in the Linux kernel’s NTFS3 subsystem. This issue occurs when a user triggers remount and umount simultaneously, allowing a local user to crash or potentiall...

Authentication flaw

Improper authentication in subsystem for IntelR AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access...

Moderate: Red Hat Security Advisory: Logging Subsystem 5.5.4 - Red Hat OpenShift security update

Logging Subsystem 5.5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

CVE-2022-41113

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2022-41113

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2022-38014

Windows Subsystem for Linux WSL2 Kernel Elevation of Privilege Vulnerability...

CVE-2022-38014

Windows Subsystem for Linux WSL2 Kernel Elevation of Privilege Vulnerability...

CVE-2022-38014

Windows Subsystem for Linux WSL2 Kernel Elevation of Privilege Vulnerability...

Privilege escalation

Windows Subsystem for Linux WSL2 Kernel Elevation of Privilege Vulnerability...

CVE-2022-41113

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2022-38014 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability

...

CVE-2022-41113 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2022-41113

CVE-2022-41113 is a Windows Win32 Kernel Subsystem elevation-of-privilege vulnerability. Connected docs corroborate exploitation in the Win32 Kernel area (item: Win32 Kernel Subsystem). Public exploits exist per Attackerkb listing. Microsoft advisories point to security updates addressing Windows...

The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in the Windows operating system, which allows a hacker to increase their privileges within the system

The vulnerability of the Client Server Run-Time Subsystem CSRSS in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

CVE-2022-41113 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2022-38014

CVE-2022-38014 affects Windows Subsystem for Linux (WSL2) kernel components. The CVSSv3 metrics in the initial record indicate a Local, Privilege-Required (Low), No User Interaction, with Confidentiality, Integrity, and Availability impacts all High, resulting in a base score of 7.0 (HIGH). The v...

kernel: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE

A flaw was found in the lpfc module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

kernel: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot caught a potential deadlock between the PCM runtime-buffermutex and the mm-mmaplock. It was brought by the recent fix to cover the racy read/write and other...

kernel: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()

A vulnerability was found in the Linux kernel's ASoC operations within the soc-ops.c file, where the function sndsocputvolsw fails to validate the range of values being set, results in out-of-bounds values to be accepted,...

kernel: race condition in snd_pcm_hw_free leading to use-after-free

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges ...