14 matches found
kernel: vhost/vsock: always initialize seqpacket_allow
Improper handling of seqpacketallow initialization was found in the Linux kernel in drivers/vhost/vsock.c...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6681-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6681-1 advisory. Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing...
kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()
A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...
kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()
A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...
CVE-2023-5158
A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...
CVE-2023-1838
A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem...
CVE-2023-1838
A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem. Mitigation This flaw can be...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. A use-after-free in drivers/vhost/vdpa.c as v-configctx has an invalid value upon re-opening a character device...
Linux kernel post-release reuse vulnerability (CNVD-2021-24270)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in drivers/vhost/vdpa.c in Linux kernel versions prior to 5.11.9. The...
CVE-2021-29266
CVE-2021-29266 affects the Linux kernel prior to 5.11.9. The use-after-free vulnerability is in drivers/vhost/vdpa.c where v->config_ctx may hold an invalid value when a character device is reopened, enabling a use-after-free scenario. The issue is addressed in ChangeLog-5.11.9 (kernel patch f...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1255-1)
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-11494: An issue was discovered in slcbump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized canframe data, potentially containing...
CVE-2020-10942
In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls...
CVE-2020-10942
In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3022 advisory. - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721962 CVE-2013-6383 Tenable has extracted the preceding description block...