4358 matches found
GSD-2022-1001190 net: dsa: fix panic on shutdown if multi-chip tree failed to probe
net: dsa: fix panic on shutdown if multi-chip tree failed to probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
CVE-2022-26507
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...
CVE-2022-26507
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...
A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.
...
The vulnerability in the fs/quota/quota_tree.c component of Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the fs/quota/quotatree.c component in Linux operating systems is related to the use of memory after it is freed during the checking of the block number in the fs/quota/quotatree.c file. Exploiting this vulnerability can allow an attacker to cause a service failure...
In the Linux kernel before 5.15.3 fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can for example lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
...
DEBIAN-CVE-2021-4149
A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...
UBUNTU-CVE-2021-4149
A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...
CVE-2021-4149
A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...
PT-2022-17319 · Tcpprep +2 · Tcpprep +2
Name of the Vulnerable Software and Affected Versions: tcpprep version 4.4.1 Description: The issue is related to a reachable assertion in the packet2tree function at tree.c in tcpprep. This assertion is assertl2len 0, indicating a potential problem when the l2len variable is not greater than 0...
CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
DEBIAN-CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
UBUNTU-CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
CVE-2021-45888
An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...
CVE-2021-45888
An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...
Design/Logic Flaw
An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RLSA-2022:0819 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: improper initialization of the "flags" member of the new pipebuffer CVE-2022-0847 kernel: Use After Free in unixgc which could...