71 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-22942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the...
CentOS 7 : kpatch-patch (RHSA-2022:0592)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0592 advisory. - In doepollctl and eploopcheckproc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of...
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...
CVE-2022-22942
CVE-2022-22942 concerns the VMware VMWGFX Linux kernel driver, enabling local privilege escalation due to a dangling file pointer in the driver that can let unprivileged users access files opened by other processes. Affected component: VMware vmwgfx/VGA driver in the kernel. Root cause/impact: lo...
AlmaLinux 8 : kernel (ALSA-2022:0825)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0825 advisory. - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with Syste...
K30914425: Linux vulnerabilities CVE-2022-0330 and CVE-2022-22942
Security Advisory Description CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...
Metasploit Weekly Wrap-Up
Metasploit 6.3 is out! Earlier this week we announced the release of Metasploit 6.3 which came with a tonne of new modules and improvements. The whole team worked super hard on this and we're very excited that everyone can now get their hands on it and all of the new features it has to offer! I...
vmwgfx Driver File Descriptor Handling Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...
CVE-2022-22942
creationtimestamp| type| source ---|---|--- 2023-01-31 19:59:14+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vmwgfxfdprivesc.rb 2023-12-18 07:13:48+00:00| seen| https://t.me/arpsyndicate/1936 2024-01-10 08:06:54+00:00| seen|...
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2022-22942 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1647)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1607)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1537)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : kernel (Live Patch 23 for SLE 12 SP5) (SUSE-SU-2022:1278-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1278-1 advisory. - kernel: failing usercopy allows for use-after-free exploitation CVE-2022-22942 - A heap buffer overflow flaw was found in IPsec ESP...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1450)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: kgraft-patch-4_12_14-122_103-default / etc (SUSE-SU-2022:1242-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1242-1 advisory. This update for the Linux Kernel 4.12.14-122103 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffe...
SUSE SLES15: kernel-livepatch-4_12_14-197_92-default / etc (SUSE-SU-2022:1212-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1212-1 advisory. This update for the Linux Kernel 4.12.14-19792 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer...
SUSE SLES12 Security Update : kernel (Live Patch 17 for SLE 12 SP5) (SUSE-SU-2022:1189-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1189-1 advisory. - kernel: failing usercopy allows for use-after-free exploitation CVE-2022-22942 - A heap buffer overflow flaw was found in IPsec ESP...