Design/Logic Flaw

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

CVE-2022-30591

quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...

CVE-2022-30591

quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...

DEBIAN-CVE-2022-30591

quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...

CVE-2022-30591

quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...

CVE-2022-30591

quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from a use-after-free timer handler in net/rose/rosetimer.c. An attacker who exploits this vulnerability...

CVE-2022-2318

CVE-2022-2318 is a use-after-free vulnerability in the Linux kernel's Rose (net/rose/rose_timer.c) timer handler that can cause denial of service (crash) with local privileges. Connected advisories confirm the vulnerability affects Linux kernel releases and note fixed versions: Debian security ad...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

PT-2022-5551 · Linux +5 · Linux +5

Name of the Vulnerable Software and Affected Versions: linux affected versions not specified Description: The issue is related to use-after-free vulnerabilities caused by a timer handler in the net/rose/rose timer.c component of the Linux kernel. This allows attackers to crash the Linux kernel...

CVE-2020-36526

A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2020-36526

A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

Cross site scripting

A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

Countdown Timer 跨站脚本漏洞

Countdown Timer is a countdown timer widget for Confluence. A security vulnerability exists in Countdown Timer version 1.7.0, which can be exploited by an attacker to remotely launch a cross-site scripting attack...

CVE-2020-36526

CVE-2020-36526 affects Countdown Timer (widget for Confluence) via the Macro Handler, enabling remote cross-site scripting. Connected sources identify a concrete instance: Countdown Timer version 1.7.0 is vulnerable; exploitation is remote and user interaction is required per the CVE description ...

kernel security and bug fix update

3.10.0-1160.66.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...

GSD-2022-1002071 tipc: fix the timer expires after interval 100ms

tipc: fix the timer expires after interval 100ms This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...