Lucene search
+L

41 matches found

OSV
OSV
added 2025/05/02 4:15 p.m.2 views

DEBIAN-CVE-2023-53059

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

7.1CVSS5.5AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

UBUNTU-CVE-2023-53059

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

7.1CVSS6AI score0.0017EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

7.1CVSS6.3AI score0.0017EPSS
Exploits0References5
NVD
NVD
added 2024/06/20 12:15 p.m.33 views

CVE-2022-48759

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a struct cdev. The current code frees the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a managed object, therefo...

7CVSS0.00172EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

5.5CVSS9.3AI score0.01214EPSS
Exploits0References6
OSV
OSV
added 2023/01/17 7:32 p.m.23 views

GSD-2023-1001587 chardev: fix error handling in cdev_device_add()

chardev: fix error handling in cdevdeviceadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 7:8 p.m.5 views

GSD-2023-1001382 chardev: fix error handling in cdev_device_add()

chardev: fix error handling in cdevdeviceadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 6:35 p.m.14 views

GSD-2023-1001067 chardev: fix error handling in cdev_device_add()

chardev: fix error handling in cdevdeviceadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 5:55 p.m.6 views

GSD-2023-1000654 chardev: fix error handling in cdev_device_add()

chardev: fix error handling in cdevdeviceadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
Oracle linux
Oracle linux
added 2022/11/01 12:0 a.m.45 views

Unbreakable Enterprise kernel security update

4.1.12-124.68.3 - Orabug: 34733462 Alok Tiwari 4.1.12-124.68.2 - ptp: fix the race between the release of ptpclock and cdev Vladis Dronov Orabug: 31350707 CVE-2020-10690 - ptp: Fix pass zero to ERRPTR in ptpclockregister YueHaibing Orabug: 31350707 - chardev: add helper function to register char...

7.8CVSS0.9AI score0.05542EPSS
Exploits2
Oracle linux
Oracle linux
added 2021/09/08 12:0 a.m.50 views

Unbreakable Enterprise kernel security update

4.1.12-124.54.6 - xen-netback: do not kfreeskb when irq is disabled Dongli Zhang Orabug: 33282046 4.1.12-124.54.5 - l2tp: fix race between l2tpsessiondelete and l2tptunnelcloseall Guillaume Nault Orabug: 33113975 CVE-2020-0429 - l2tp: ensure sessions are freed after their PPPOL2TP socket Guillaum...

9.8CVSS0.4AI score0.0075EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2020/04/28 3:43 p.m.5 views

kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open

There is a use-after-free problem seen due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high privileged process allocates a ptp device file like /dev/ptpX and voluntarily goes to sleep. During this time if the underlying device is removed, it ca...

6.5CVSS7.1AI score0.00359EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:41 p.m.12 views

kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open

There is a use-after-free problem seen due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high privileged process allocates a ptp device file like /dev/ptpX and voluntarily goes to sleep. During this time if the underlying device is removed, it ca...

6.5CVSS7.1AI score0.00359EPSS
Exploits0References4
OSV
OSV
added 2016/12/23 10:59 p.m.3 views

UBUNTU-CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

6.5CVSS6.7AI score0.01214EPSS
Exploits0References3
OSV
OSV
added 2016/12/23 10:59 p.m.3 views

DEBIAN-CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

5.5CVSS6.8AI score0.01214EPSS
Exploits0References1
NVD
NVD
added 2016/12/23 10:59 p.m.16 views

CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

5.5CVSS5.8AI score0.01214EPSS
Exploits0References3
Prion
Prion
added 2016/12/23 10:59 p.m.15 views

Double free

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

2.1CVSS6.9AI score0.01214EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/12/23 10:0 p.m.23 views

CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

5.5AI score0.01214EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/12/23 10:0 p.m.35 views

CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

5.5CVSS6.7AI score0.01214EPSS
Exploits0
CVE
CVE
added 2016/12/23 10:0 p.m.95 views

CVE-2016-9923

CVE-2016-9923 affects Quick Emulator (QEMU) with the 'chardev' backend; a use-after-free can occur during hotplug/unplug of a guest device, allowing a guest user/process to crash the QEMU host process and cause DoS. Public sources (NVD) describe the flaw in QEMU’s chardev path; related advisories...

5.5CVSS5.7AI score0.01214EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder