8 matches found
Debian: Security Advisory (DLA-3349-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3349 : linux-config-5.10 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3349 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3349-1 [email protected]...
[SECURITY] [DLA 3349-1] linux-5.10 security update
Debian LTS Advisory DLA-3349-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 02, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.162-1deb10u1 CVE ID : CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-4696 CVE-2022-36280 CVE-2022-41218...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2023-026 (ALASKERNEL-5.10-2023-026)
The version of kernel installed on the remote host is prior to 5.10.165-143.735. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-026 advisory. In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows...
CVE-2023-0240
A logic error was found in the iouring subsystem of the Linux kernel. This issue occurs due to an incorrect assumption that the last iograbidentity call could not return false in the ioprepasyncwork function, leading to reference counting issues and a use-after-free issue. This could allow a loca...
CVE-2023-0240 Use after free in io_uring in the Linux Kernel
There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the ioprepasyncwork function the assumption that the last iograbidentity call cannot return false is not true, and in this case the function will use...
CVE-2023-0240
CVE-2023-0240 relates to a logic error in Linux kernel io_uring that can trigger a use-after-free, enabling local privilege escalation. Specifically, in io_prep_async_work, the code may incorrectly use the init_cred or a previous identity if the final io_grab_identity returns false, causing refer...
CVE-2023-0240 Use after free in io_uring in the Linux Kernel
There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the ioprepasyncwork function the assumption that the last iograbidentity call cannot return false is not true, and in this case the function will use...