Lucene search
+L

174 matches found

OSV
OSV
added 2022/07/31 2:6 p.m.12 views

GSD-2022-1004403 cipso: Fix data-races around sysctl.

cipso: Fix data-races around sysctl. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit 07b0caf8aeb9b82e6ecc6c292a3e47c7fcdb1148...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.297 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuffer in the file...

8.1CVSS7.3AI score0.09729EPSS
Exploits8References17
Amazon
Amazon
added 2022/01/28 12:0 a.m.16 views

Important: kernel

Issue Overview: In the Linux kernel 5.3.10, there is a use-after-free read in the perftracelockacquire function related to include/trace/events/lock.h. CVE-2019-19769 A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial...

7.1CVSS6.3AI score0.03097EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.6 views

kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c

A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.5 views

kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c

A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/09/30 12:0 a.m.7 views

The vulnerability of the cipso_v4_genopt function (net/ipv4/cipso_ipv4.c) in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the cipsov4genopt function net/ipv4/cipsoipv4.c in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7AI score0.00566EPSS
Exploits1References26Affected Software6
RedHat Linux
RedHat Linux
added 2021/07/21 1:17 a.m.2 views

kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c

A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/07/21 1:8 a.m.6 views

kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c

A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2021/06/08 12:0 a.m.4 views

PT-2024-11257 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak has been identified in the Linux kernel, specifically in the netlbl cipsov4 add std function. The memory leak occurs because the memory allocated for doi def-map.std is n...

9.8CVSS6.6AI score0.01358EPSS
Exploits6References458
Veracode
Veracode
added 2021/06/06 10:38 a.m.46 views

Privilege Escalation

kernel is vulnerable to privilege escalation. A use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c due to the CIPSO and CALIPSO refcounting for the DOI definitions are mishandled, leading to writing of an arbitrary value...

7.8CVSS3.1AI score0.00566EPSS
Exploits1References7Affected Software5
Ubuntu
Ubuntu
added 2021/06/04 7:4 p.m.249 views

USN-4979-1: Linux kernel vulnerabilities

Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service system crash. CVE-2020-25670 Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

8.8CVSS7.6AI score0.03259EPSS
Exploits4
Microsoft CVE
Microsoft CVE
added 2021/05/25 7:0 a.m.2 views

The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.

...

7.8CVSS6.8AI score0.00566EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2021/05/19 12:27 a.m.193 views

CVE-2021-33033

A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate...

7.8CVSS1.4AI score0.00566EPSS
Exploits1References3
CNVD
CNVD
added 2021/05/17 12:0 a.m.11 views

Linux kernel resource management error vulnerability (CNVD-2021-37734)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A resource management error vulnerability exists in cipsov4genopt in net/ipv4/cipsoipv4.c in Linux kernel versions...

7.8CVSS6.5AI score0.00566EPSS
Exploits1References1
OSV
OSV
added 2021/05/14 11:15 p.m.6 views

AZL-6561 CVE-2021-33033 affecting package kernel for versions less than 5.10.78.1-1

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References1
OSV
OSV
added 2021/05/14 11:15 p.m.6 views

CVE-2021-33033

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS8AI score
Exploits0References6
OSV
OSV
added 2021/05/14 11:15 p.m.4 views

DEBIAN-CVE-2021-33033

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/05/14 11:15 p.m.74 views

CVE-2021-33033

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS6.7AI score0.00566EPSS
Exploits1References10
OSV
OSV
added 2021/05/14 11:15 p.m.4 views

UBUNTU-CVE-2021-33033

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS6.8AI score0.00566EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2021/03/04 12:0 a.m.8 views

PT-2021-4224 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.14 Description: The issue is related to a use-after-free error in the cipso v4 genopt function, located in net/ipv4/cipso ipv4.c, due to mishandled CIPSO and CALIPSO refcounting for the DOI definitions. Thi...

9.8CVSS8.3AI score0.93838EPSS
Exploits255References1223
Rows per page
Query Builder