Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2173-1 Rating: important References: 1177282 1199365 1200015 1200143 1200144 1200206 1200207 1200249 1200259 1200263 1200268 1200529 Cross-References: CVE-2020-26541 CVE-2022-1966 CVE-2022-1974...

PT-2025-25866

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur when attempting to access the gsm-receive function in gsmld receive buf. This happens because the gsmld receive buf function can be accessed without...

PT-2025-25861

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the dma-buf/dma-resv component, where a check was added to ensure that a new fence is really later than...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2075)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-20228

In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1779)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attack...

Out-of-bound Reads

linux kernel is vulnerable to out-of bound reads. The vulnerability exists in drivers/usb/gadget/legacy/inode.c due to mishandling in dev-buf release which allows an attacker to cause an application crash...

CVE-2021-0707

In dmabufrelease of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

GSD-2022-1000661 dma-buf: heaps: Fix potential spectre v1 gadget

dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.8 by commit...

GSD-2022-1000578 dma-buf: heaps: Fix potential spectre v1 gadget

dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.22 by commit...

GSD-2022-1000222 dma-buf: heaps: Fix potential spectre v1 gadget

dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.99 by commit...

CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from an error in the handling of dev-buf in the product /usb/gadget/legacy/inode.c file. The following products...

Medium: kernel

Issue Overview: A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. CVE-2019-18808 A flaw was found in the Lin...

CVE-2021-0955

In pfwritebuf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-19208576...

BlueZ Resource Management Error Vulnerability (CNVD-2021-92546)

BlueZ is a Bluetooth protocol stack written in C that is primarily used to provide support for the core Bluetooth layer and protocol. blueZ is vulnerable to a resource management error that stems from a vulnerability in the affected version of sdp's cstate alloc buf, which allocates memory that...

buf (>=0.1.0 <=0.2.1), i-o (>=0.1.0 <=0.4.1) +2 more potentially affected by CVE-2021-25907 via containers (>=0.1.1 <=0.8.5)

containers CARGO version =0.1.1, =0.1.0, =0.1.0, =0.13.0, =0.14.1 - lude =0.1.0 Source cves: CVE-2021-25907 Source advisory: OSV:GHSA-CV7X-6RC6-PQ5V...