Amazon Linux 2 : kernel, --advisory ALAS2-2022-1838 (ALAS-2022-1838)

The version of kernel installed on the remote host is prior to 4.14.291-218.527. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1838 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-007)

The version of kernel installed on the remote host is prior to 5.15.59-33.133. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-007 advisory. An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-035)

The version of kernel installed on the remote host is prior to 5.4.209-116.367. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-035 advisory. An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a...

The vulnerability of the Linux operating system’s sound subsystem allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Linux operating system’s kernel audio subsystem is related to incorrect handling of parallel calls to the PCM hwparams function. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

AZL-10924 CVE-2022-3170 affecting package kernel for versions less than 5.15.70.1-1

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

UBUNTU-CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

CVE-2022-3170 affects the Linux kernel sound subsystem. The vulnerability is an out-of-bounds access that can occur when the user-provided id->name does not end with a NUL character, allowing a privileged local user to trigger a crash or potentially escalate privileges via an ioctl() path. The...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access issue found in the sound subsystem. This may occur when a user-supplied "id-name" do...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the putdevice down a bit to avoid the use after free. wsa: added comment to the code, added Fixes...

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

Design/Logic Flaw

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

UBUNTU-CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

CVE-2022-38701 IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information...

CVE-2022-38064 windowmanager in window subsystem has a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information.

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information...