4 matches found
USN-6819-2: Linux kernel vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
CVE-2023-52681
A flaw was found in the efivarfs filesystem in the Linux kernel, where sfsinfo is not properly freed upon unmounting. This oversight can lead to a use-after-free condition, which could be exploited by an attacker to execute arbitrary code or cause a system crash. Mitigation Mitigation for this...
CVE-2023-52681 efivarfs: Free s_fs_info on unmount
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Free sfsinfo on unmount Now that we allocate a sfsinfo struct on fs context creation, we should ensure that we free it again when the superblock goes away...