Lucene search
+L

202 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.3 views

SUSE CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

5.5CVSS7.5AI score0.01794EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.11 views

SUSE CVE-2018-7755

An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discove...

4CVSS6.5AI score0.00683EPSS
Exploits1References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.4 views

SUSE CVE-2019-14284

In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setupformatparams division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make FSECTPERTRACK be zero. Next, the floppy format...

5.5CVSS6.5AI score0.00703EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...

4.3CVSS6.2AI score0.00731EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.2 views

SUSE CVE-2022-33981

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating rawcmd in the rawcmdioctl function...

5.5CVSS6.6AI score0.0055EPSS
Exploits1References45
Tenable Nessus
Tenable Nessus
added 2022/12/20 12:0 a.m.27 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:4573-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4573-1 advisory. The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

8.8CVSS7.5AI score0.21314EPSS
Exploits7References120
OSV
OSV
added 2022/08/25 3:58 a.m.3 views

USN-5582-1 linux-azure-fde vulnerabilities

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. CVE-2022-34918 Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux...

7.8CVSS7.3AI score0.12746EPSS
Exploits25References12
OpenVAS
OpenVAS
added 2022/08/18 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2257)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.02913EPSS
Exploits7References2
OSV
OSV
added 2022/08/10 2:30 p.m.13 views

USN-5562-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7AI score0.12746EPSS
Exploits25References12
Ubuntu
Ubuntu
added 2022/08/10 12:36 p.m.92 views

USN-5560-2: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
added 2022/08/10 11:17 a.m.200 views

USN-5560-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
OSV
OSV
added 2022/08/10 11:17 a.m.13 views

USN-5560-1 linux, linux-aws, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.1AI score0.12746EPSS
Exploits26References14
OSV
OSV
added 2022/08/02 4:11 a.m.3 views

USN-5544-1 linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7AI score0.05496EPSS
Exploits12References5
OSV
OSV
added 2022/07/28 11:2 p.m.17 views

USN-5539-1 linux-bluefield, linux-gcp-5.4, linux-gke-5.4 vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.8AI score0.0155EPSS
Exploits3References8
OSV
OSV
added 2022/07/15 9:51 a.m.8 views

SUSE-SU-2022:2407-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657. -...

8CVSS7.8AI score0.04831EPSS
Exploits4References32
OSV
OSV
added 2022/07/14 1:5 a.m.7 views

USN-5518-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...

7.8CVSS6.9AI score0.0055EPSS
Exploits2References7
Ubuntu
Ubuntu
added 2022/07/14 1:5 a.m.121 views

USN-5518-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...

7.8CVSS7.2AI score0.0055EPSS
Exploits2
OSV
OSV
added 2022/07/13 7:3 p.m.16 views

USN-5514-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gke, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.8AI score0.0155EPSS
Exploits3References7
Ubuntu
Ubuntu
added 2022/07/13 7:3 p.m.118 views

USN-5514-1: Linux kernel vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.9AI score0.0155EPSS
Exploits3
OSV
OSV
added 2022/07/13 9:26 a.m.9 views

SUSE-SU-2022:2382-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657....

8.2CVSS8.3AI score0.04831EPSS
Exploits4References53
Rows per page
Query Builder