USN-6339-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

USN-6339-1 linux, linux-gcp, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

USN-6338-1 linux, linux-aws, linux-aws-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

USN-6338-1: Linux kernel vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

CLSA-2023-1693904331 Fix of 11 CVEs

Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6340-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6340-1 advisory. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. ...

The vulnerability in the `drivers/media/usb/ttusb-dec/ttusb_dec.c` component of the Linux kernel allows a attacker to perform a “denial-of-service” attack.

The vulnerability of the drivers/media/usb/ttusb-dec/ttusbdec.c component in the Linux operating system is related to a memory leak due to the absence of the dvbfrontenddetach function being called. Exploiting this vulnerability can allow an attacker to perform a type of “denial-of-service” attac...

CLSA-2023-1693827560 Fix of 9 CVEs

Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...

CLSA-2023-1693827322 Fix of 9 CVEs

Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...

CVE-2023-31084

...

USN-6327-1 linux-kvm vulnerabilities

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during tableclear operations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2023-2269 It was discovered that a use-after-free vulnerability existed ...

USN-6309-1 linux, linux-aws, linux-lts-xenial vulnerabilities

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during tableclear operations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2023-2269 It was discovered that a use-after-free vulnerability existed ...

EuroTel ETL3100 Transmitter Authorization Bypass / Insecure Direct Object Reference

EuroTel ETL3100 Transmitter Authorization Bypass IDOR Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37 Microprocessor: socs0t08/socs0s08...

EuroTel ETL3100 Transmitter Information Disclosure

EuroTel ETL3100 Transmitter Unauthenticated Config/Log Download Vulnerability Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37...

EuroTel ETL3100 Transmitter Authorization Bypass / Insecure Direct Object Reference Vulnerabilities

The EuroTel ETL3100 transmitter is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access the hidden resources on the system and...

EuroTel ETL3100 Transmitter Default Credentials Vulnerability

EuroTel ETL3100 transmitters use a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system. EuroTel ETL3100 Transmitter Default Credentials Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page:...

OESA-2023-1448 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbnet.c has a .disconnect versus dvbdeviceopen race condition that leads to a use-after-free.CVE-2022-45886 A use-after-free vulnerability was fou...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6231-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6231-1 advisory. It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. ...

PT-2025-53064

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s gl861 i2c master xfer function within the dvb-usb-v2 module. The issue arises because the msg parameter, controlled by the user, can lead to a null...

USN-6231-1: Linux kernel (OEM) vulnerabilities

It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service system crash. CVE-2023-212...