Lucene search
K

36 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.31 views

CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2022-47929)

The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47929 advisory. - In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control...

5.5CVSS6.5AI score0.00964EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/03/17 12:0 a.m.61 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12196)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12196 advisory. - l2tp: Serialize access to skuserdata with skcallbacklock Jakub Sitnicki Orabug: 34951574 CVE-2022-4129 - wifi: rndiswlan: Prevent buffer overflo...

7.9CVSS7.6AI score0.03702EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2023/03/07 1:17 p.m.5 views

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00431EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/03/07 10:4 a.m.4 views

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00431EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/03/07 9:58 a.m.3 views

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00431EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/28 8:24 a.m.4 views

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00431EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/02/24 12:0 a.m.42 views

SUSE SLES12: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:0485-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0485-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

7.9CVSS7.2AI score0.03702EPSS
Exploits4References72
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.5 views

The vulnerability of the Traffic Control Subsystem component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the Traffic Control Subsystem in the Linux operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.002EPSS
Exploits0References15Affected Software4
Tenable Nessus
Tenable Nessus
added 2023/02/13 12:0 a.m.36 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12116)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12116 advisory. - netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits Pablo Neira Ayuso Orabug: 34978152 CVE-2023-0179 Tenable has extract...

7.8CVSS6.9AI score0.01944EPSS
Exploits6References5
CVE
CVE
added 2023/01/17 12:0 a.m.387 views

CVE-2022-47929

CVE-2022-47929 is a Linux kernel vulnerability: a NULL pointer dereference in the traffic control subsystem (affecting qdisc_graft in net/sched/sch_api.c) that allows an unprivileged user to trigger a denial of service (system crash) via crafted tc qdisc/class configurations. Exploitation is loca...

5.5CVSS5.9AI score0.00964EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2023/01/17 12:0 a.m.4 views

Linux kernel 代码问题漏洞

Linux kernel, the kernel used by the Linux Foundation's open source operating system Linux, is vulnerable to a denial-of-service attack in versions of Linux kernel prior to 6.1.6. In affected versions of the Linux kernel, a NULL pointer dereference error in the flow control subsystem allows an...

5.5CVSS6AI score0.00964EPSS
Exploits1References26
Cvelist
Cvelist
added 2023/01/17 12:0 a.m.26 views

CVE-2022-47929

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...

6.2AI score0.00964EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.25 views

SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15) (SUSE-SU-2021:3371-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3371-1 advisory. This update for the Linux Kernel 4.12.14-15075 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a...

7.8CVSS6.9AI score0.00395EPSS
Exploits4References13
RedHat Linux
RedHat Linux
added 2021/09/07 3:2 p.m.3 views

kernel: use-after-free in route4_change() in net/sched/cls_route.c

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...

7.8CVSS6.8AI score0.00353EPSS
Exploits2References5
NVD
NVD
added 2014/07/26 3:55 p.m.15 views

CVE-2014-4971

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to 1 the MQAC.sys driver in the MQ Access Control subsystem...

7.2CVSS6.3AI score0.23046EPSS
Exploits21References18
CVE
CVE
added 2014/07/26 3:0 p.m.79 views

CVE-2014-4971

CVE-2014-4971 affects Microsoft Windows XP SP3 and relates to two drivers: MQAC.sys in the MQ Access Control subsystem and BthPan.sys in Bluetooth PAN. The vulnerability arises because certain IRP/IOCTL handling does not validate addresses, enabling local attackers to write to arbitrary memory lo...

7.2CVSS6.2AI score0.23046EPSS
Exploits21References18Affected Software1
Rows per page
Query Builder