kernel: media: em28xx: initialize refcount before kref_get

A use-after-free flaw was found in the Linux kernel’s video4linux driver in how a user triggers the em28xxusbprobe for the Empia 28xx-based TV cards. This flaw allows a local user to crash or potentially escalate their privileges on the system...

OESA-2023-1087 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguestpage function. This issue could allow a local user to...

SUSE CVE-2008-3496

Buffer overflow in format descriptor parsing in the uvcparseformat function in drivers/media/video/uvc/uvcdriver.c in uvcvideo in the video4linux V4L implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors...

SUSE CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

SUSE CVE-2022-3239

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xxusbprobe for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...

USN-5865-1 linux-azure-4.15 vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

USN-5862-1 linux-snapdragon vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1147)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2023-1147)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in i40e driver for IntelR Ethernet 700 Series Controllers versions before 2.8.43 may allow an...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-1037)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file...

USN-5774-1 linux-azure vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5774-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5774-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...

USN-5758-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

USN-5757-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

USN-5757-1 linux, linux-aws, linux-dell300x, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9996)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9996 advisory. - media: em28xx: initialize refcount before krefget Dongliang Mu Orabug: 34619521 CVE-2022-3239 Tenable has extracted the preceding description block directly...

kernel: media: em28xx: initialize refcount before kref_get

A use-after-free flaw was found in the Linux kernel’s video4linux driver in how a user triggers the em28xxusbprobe for the Empia 28xx-based TV cards. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: media: em28xx: initialize refcount before kref_get

A use-after-free flaw was found in the Linux kernel’s video4linux driver in how a user triggers the em28xxusbprobe for the Empia 28xx-based TV cards. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2767)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3779-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3779-1 advisory. - Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just...