Ubuntu: Security Advisory (USN-5915-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5917-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5915-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5915-1 linux-oem-6.1 vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0001)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0005)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw...

SUSE CVE-2017-8061

drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service system crash or memory corruption or possibly have unspecified other impact by leveraging us...

SUSE CVE-2017-8062

drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service system crash or memory corruption or possibly have unspecified other impact by leveraging use of more...

SUSE CVE-2017-16648

The dvbfrontendfree function in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed...

SUSE CVE-2019-15213

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver...

SUSE CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

SUSE CVE-2022-41218

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvbdemuxopen and dvbdmxdevrelease...

SUSE CVE-2022-45887

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusbdec.c has a memory leak because of the lack of a dvbfrontenddetach call...

SUSE CVE-2022-45886

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbnet.c has a .disconnect versus dvbdeviceopen race condition that leads to a use-after-free...

SUSE CVE-2022-45919

An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvbcaen50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a waitevent...

The vulnerability in the DVB driver (drivers/media/dvb-core/dvb_frontend.c) of the Linux operating system allows a hacker to cause a service failure or increase their privileges.

The vulnerability of the DVB driver drivers/media/dvb-core/dvbfrontend.c in the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause service failures or increase their privileges...

GSD-2023-1001552 media: dvb-frontends: fix leak of memory fw

media: dvb-frontends: fix leak of memory fw This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001551 media: dvb-usb: fix memory leak in dvb_usb_adapter_init()

media: dvb-usb: fix memory leak in dvbusbadapterinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001533 media: dvb-core: Fix double free in dvb_register_device()

media: dvb-core: Fix double free in dvbregisterdevice This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001323 media: dvb-frontends: fix leak of memory fw

media: dvb-frontends: fix leak of memory fw This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...