31 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A memory write vulnerability that is outside the bounds of the system’s protection was discovered in the Linux kernel’s Kid-friendly Wired Controller driver. This vulnerability allows a local user to crash the system or potentially escalate their privileges. The issue lies in the bigbenprobe...
Linux Distros Unpatched Vulnerability : CVE-2022-3577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in the Linux kernel's Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially...
Linux Distros Unpatched Vulnerability : CVE-2023-25012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain...
USN-6223-1: Linux kernel (Azure CVM) vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
USN-6223-1 linux-azure-fde vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
USN-6207-1: Linux kernel (Intel IoTG) vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
USN-6207-1 linux-intel-iotg vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
USN-6185-1: Linux kernel vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
USN-6185-1 linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-oracle, linux-raspi vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
Ubuntu: Security Advisory (USN-6171-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6171-1: Linux kernel vulnerabilities
William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the TUN/TAP driver in t...
USN-6033-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
Out-of-bounds Write
chromium is vulnerable to Out of Bounds Write. The flaw allows a local user to crash or potentially escalate their privileges on the system. The vulnerability exists in bigbenprobe of drivers/hid/hid-bigbenff.c due to incorrect assumption - bigben devices all have inputs...
CVE-2023-25012
A use-after-free flaw was found in the Linux kernel. This issue may be triggered in the bigbensetled function when plugging in a malicious USB device that advertises itself as a bigben device. This flaw allows a local user with physical access to cause a denial of service...
SUSE CVE-2023-25012
The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
...
AZL-13291 CVE-2023-25012 affecting package kernel for versions less than 5.15.107.1-2
The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...
DEBIAN-CVE-2023-25012
The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...
UBUNTU-CVE-2023-25012
The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...
bigben-interactive.de Cross Site Scripting vulnerability OBB-3168092
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...