Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2023/03/03 12:0 a.m.23 views

Debian: Security Advisory (DLA-3349-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.9CVSS8.3AI score0.03702EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2023/03/03 12:0 a.m.71 views

Debian dla-3349 : linux-config-5.10 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3349 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3349-1 [email protected]...

7.9CVSS7.9AI score0.03702EPSS
Exploits8References32
Debian
Debian
added 2023/03/02 10:5 p.m.82 views

[SECURITY] [DLA 3349-1] linux-5.10 security update

Debian LTS Advisory DLA-3349-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 02, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.162-1deb10u1 CVE ID : CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-4696 CVE-2022-36280 CVE-2022-41218...

7.9CVSS7.3AI score0.03702EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.63 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2023-026 (ALASKERNEL-5.10-2023-026)

The version of kernel installed on the remote host is prior to 5.10.165-143.735. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-026 advisory. In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows...

7.8CVSS7AI score0.02399EPSS
Exploits10References252
RedhatCVE
RedhatCVE
added 2023/01/31 10:4 a.m.94 views

CVE-2023-0240

A logic error was found in the iouring subsystem of the Linux kernel. This issue occurs due to an incorrect assumption that the last iograbidentity call could not return false in the ioprepasyncwork function, leading to reference counting issues and a use-after-free issue. This could allow a loca...

7.8CVSS6.1AI score0.00269EPSS
Exploits0References3
OSV
OSV
added 2023/01/30 1:17 p.m.4 views

CVE-2023-0240 Use after free in io_uring in the Linux Kernel

There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the ioprepasyncwork function the assumption that the last iograbidentity call cannot return false is not true, and in this case the function will use...

7.8CVSS6.7AI score0.00269EPSS
Exploits0References7
CVE
CVE
added 2023/01/30 1:17 p.m.115 views

CVE-2023-0240

CVE-2023-0240 relates to a logic error in Linux kernel io_uring that can trigger a use-after-free, enabling local privilege escalation. Specifically, in io_prep_async_work, the code may incorrectly use the init_cred or a previous identity if the final io_grab_identity returns false, causing refer...

7.8CVSS7.7AI score0.00269EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/30 1:17 p.m.24 views

CVE-2023-0240 Use after free in io_uring in the Linux Kernel

There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the ioprepasyncwork function the assumption that the last iograbidentity call cannot return false is not true, and in this case the function will use...

7.8CVSS7.7AI score0.00269EPSS
Exploits0References3
Rows per page
Query Builder