36 matches found
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2022-47929)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47929 advisory. - In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12196)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12196 advisory. - l2tp: Serialize access to skuserdata with skcallbacklock Jakub Sitnicki Orabug: 34951574 CVE-2022-4129 - wifi: rndiswlan: Prevent buffer overflo...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
SUSE SLES12: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:0485-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0485-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
The vulnerability of the Traffic Control Subsystem component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the Traffic Control Subsystem in the Linux operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12116)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12116 advisory. - netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits Pablo Neira Ayuso Orabug: 34978152 CVE-2023-0179 Tenable has extract...
CVE-2022-47929
CVE-2022-47929 is a Linux kernel vulnerability: a NULL pointer dereference in the traffic control subsystem (affecting qdisc_graft in net/sched/sch_api.c) that allows an unprivileged user to trigger a denial of service (system crash) via crafted tc qdisc/class configurations. Exploitation is loca...
Linux kernel 代码问题漏洞
Linux kernel, the kernel used by the Linux Foundation's open source operating system Linux, is vulnerable to a denial-of-service attack in versions of Linux kernel prior to 6.1.6. In affected versions of the Linux kernel, a NULL pointer dereference error in the flow control subsystem allows an...
CVE-2022-47929
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...
SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15) (SUSE-SU-2021:3371-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3371-1 advisory. This update for the Linux Kernel 4.12.14-15075 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a...
kernel: use-after-free in route4_change() in net/sched/cls_route.c
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...
CVE-2014-4971
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to 1 the MQAC.sys driver in the MQ Access Control subsystem...
CVE-2014-4971
CVE-2014-4971 affects Microsoft Windows XP SP3 and relates to two drivers: MQAC.sys in the MQ Access Control subsystem and BthPan.sys in Bluetooth PAN. The vulnerability arises because certain IRP/IOCTL handling does not validate addresses, enabling local attackers to write to arbitrary memory lo...