Astra Linux - уязвимость в linux

In the Linux kernel, from drivers/staging/rtl8188eu/osdep/ioctllinux.c, the function rtwwxsetscan allows writing beyond the end of the -ssid array. NOTE: From the perspective of kernel.org’s release processes, CVE IDs are not typically used for drivers/staging/ unfinished work. However, system...

EUVD-2015-7223

Malware in sbrugna...

SUSE CVE-2022-50469

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential memory leak in rtwinitdrvsw In rtwinitdrvsw, there are various init functions are called to populate the padapter structure and some checks for their return value. However, except for the first o...

Design/Logic Flaw

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdecremove in drivers/staging/media/rkvdec/rkvdec.c...

CVE-2023-35829

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdecremove in drivers/staging/media/rkvdec/rkvdec.c...

CVE-2023-35826

CVE-2023-35826 affects the Linux kernel before 6.3.2, with a use-after-free in cedrus_remove (drivers/staging/media/sunxi/cedrus/cedrus.c). The issue is described in the NVD entry and corroborated by related advisories; the root cause is a resource management/use-after-free in the cedrus driver. ...

K31616043: Linux kernel vulnerability CVE-2021-28660

Security Advisory Description rtwwxsetscan in drivers/staging/rtl8188eu/osdep/ioctllinux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/ unfinished work;...

PT-2022-5910 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16-rc6 Description: An issue in the Linux kernel is related to the function rtw init xmit priv in the drivers/staging/r8188eu/core/rtw xmit.c module, which lacks a check of the return value of rtw alloc hwxmits...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:2198-1)

"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2198-1 advisory. - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fusedogetattr calls...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4945-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4945-1 advisory. It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attack...

CVE-2021-28660

rtwwxsetscan in drivers/staging/rtl8188eu/osdep/ioctllinux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/ unfinished work; however, system integrators may...

CVE-2021-28660

rtwwxsetscan in drivers/staging/rtl8188eu/osdep/ioctllinux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/ unfinished work; however, system integrators may...

Null pointer dereference

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

CVE-2015-7885

The dgncmgmtioctl function in drivers/staging/dgnc/dgncmgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...

CVE-2015-4003

CVE-2015-4003 affects the OZWPAN driver in the Linux kernel (drivers/staging/ozwpan/ozusbsvc1.c, function oz_usb_handle_ep_data) through kernel 4.0.5. A remote attacker can send a crafted packet to trigger a divide-by-zero and cause a system crash (DoS). The connected advisories (Unity Linux/Eule...

CVE-2015-4001

Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet...