19 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-3389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll reques...
Photon OS 5.0: Linux PHSA-2023-5.0-0046
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0046. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Linux PHSA-2023-4.0-0436
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0436. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:2892-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-3389 affecting package hyperv-daemons for versions less than 5.15.135.1-1
CVE-2023-3389 affecting package hyperv-daemons for versions less than 5.15.135.1-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3054)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2843)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-3389 affecting package kernel for versions less than 5.15.122.1-2
CVE-2023-3389 affecting package kernel for versions less than 5.15.122.1-2. A patched version of the package is available...
CVE-2023-3389 affecting package kernel 5.10.183.1-1
CVE-2023-3389 affecting package kernel 5.10.183.1-1. An upgraded version of the package is available that resolves this issue...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6249-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6249-1 advisory. Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leadi...
Ubuntu: Security Advisory (USN-6250-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6249-1: Linux kernel (OEM) vulnerabilities
Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary...
OESA-2023-1424 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend...
SUSE-SU-2023:2820-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex bsc1210335. - CVE-2023-3389: Fixed a use-after-free vulnerability in the...
CVE-2023-3389 Use after free in io_uring in the Linux Kernel
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...
CVE-2023-3389
CVE-2023-3389 (Linux kernel io_uring UAF) : A use-after-free in the io_uring subsystem can be exploited to achieve local privilege escalation. The issue involves racing a io_uring cancel poll request with a linked timeout, which can trigger a UAF in an hrtimer. Impact is local privilege escalatio...
CVE-2023-3389 Use after free in io_uring in the Linux Kernel
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...