Lucene search
K

65 matches found

Ubuntu
Ubuntu
added 2025/02/26 3:14 p.m.30 views

USN-7295-1: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.1CVSS7.9AI score0.03301EPSS
Exploits4
OSV
OSV
added 2025/02/26 3:14 p.m.12 views

USN-7295-1 linux-xilinx-zynqmp vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.1CVSS6.8AI score0.03301EPSS
Exploits4References150
Ubuntu
Ubuntu
added 2025/02/26 12:57 p.m.107 views

USN-7293-1: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

9.1CVSS8AI score0.03301EPSS
Exploits2
OSV
OSV
added 2025/02/26 10:38 a.m.29 views

USN-7303-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

9.1CVSS6.8AI score0.01367EPSS
Exploits0References209
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.19 views

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7304-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7304-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

9.1CVSS7.5AI score0.01367EPSS
Exploits0References207
OSV
OSV
added 2024/12/20 12:51 p.m.21 views

USN-7166-3 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS6.6AI score0.01367EPSS
Exploits0References168
OSV
OSV
added 2024/12/17 11:22 p.m.20 views

USN-7166-2 linux-aws, linux-aws-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS6.6AI score0.01367EPSS
Exploits0References168
OSV
OSV
added 2024/07/12 1:15 p.m.8 views

DEBIAN-CVE-2024-40904

In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resubmission of interru...

5.5CVSS5.7AI score0.00294EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-19530

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...

4.6CVSS6.6AI score0.00426EPSS
Exploits0References19
OSV
OSV
added 2022/02/07 10:15 p.m.7 views

CVE-2021-3835

Buffer overflow in usb device class. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf...

8.8CVSS5.5AI score0.00743EPSS
Exploits1References1
NVD
NVD
added 2022/02/07 10:15 p.m.24 views

CVE-2021-3835

Buffer overflow in usb device class. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf...

8.8CVSS0.00743EPSS
Exploits1References1
NVD
NVD
added 2022/02/07 10:15 p.m.23 views

CVE-2021-3861

The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj...

8.2CVSS0.00479EPSS
Exploits1References1
CVE
CVE
added 2022/02/07 10:0 p.m.61 views

CVE-2021-3861

The vulnerability CVE-2021-3861 affects Zephyr’s RNDIS USB device class. The issue is a Heap-based Buffer Overflow (CWE-122) in Zephyr versions >= 2.6.0, caused by improper memory boundary handling in the RNDIS USB class. Impact is high for confidentiality, integrity, and availability per the ...

8.2CVSS7.2AI score0.00479EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/12/06 11:15 p.m.4 views

CVE-2019-2226

In deviceclasstoint of deviceclass.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8...

5.5CVSS6.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/28 12:0 a.m.54 views

F5 Networks BIG-IP : Linux kernel vulnerability (SOL15746)

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes.CVE-2012-4542 C Tenable Network...

4.6CVSS8.1AI score0.00349EPSS
Exploits0References2
Kitploit
Kitploit
added 2013/12/18 12:29 a.m.18 views

[Harald scan] Bluetooth discovery scanning

Harald Scan is able to determine Major and Minor device class of device, as well as attempt to resolve the device's MAC address to the largest known Bluetooth MAC address Vendor list. If you are running Harald Scan and see a entry with 'Unknown' in the vendor column pleaseemail me the file which ...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/06/11 5:31 p.m.3 views

kernel: block: default SCSI command filter does not accomodate commands overlap across device classes

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

4.6CVSS7.3AI score0.00349EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/02/28 6:40 p.m.5 views

kernel: block: default SCSI command filter does not accomodate commands overlap across device classes

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

4.6CVSS7.3AI score0.00349EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2013/02/27 12:0 a.m.71 views

Oracle Linux 6 kernel security and bugfix update

2.6.32-358.el6 - fs Fix sget race with failing mount Eric Sandeen 883276 2.6.32-357.el6 - virt xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests Andrew Jones 896050 CVE-2013-0190 - block sgio: use different default filters for each device class Paolo Bonzini 875361...

6.6CVSS7.7AI score0.00882EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2013/02/20 4:32 p.m.5 views

kernel: block: default SCSI command filter does not accomodate commands overlap across device classes

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

4.6CVSS7.3AI score0.00349EPSS
Exploits0References4
Rows per page
Query Builder