200 matches found
kernel: use-after-free in netfilter: nf_tables
A use-after-free flaw was found in the Linux kernel's netfilter: nftables component, which can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it is not checked whether the chain is bound, and the chain's owner rule can release the objects in...
kernel: use-after-free in netfilter: nf_tables
A use-after-free flaw was found in the Linux kernel's netfilter: nftables component, which can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it is not checked whether the chain is bound, and the chain's owner rule can release the objects in...
kernel: use-after-free in netfilter: nf_tables
A use-after-free flaw was found in the Linux kernel's netfilter: nftables component, which can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it is not checked whether the chain is bound, and the chain's owner rule can release the objects in...
CVE-2023-34326 x86/AMD: missing IOMMU TLB flushing
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
SUSE-SU-2023:4476-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2023:4476-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4476-1 advisory. - A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 - arm3...
kernel: devlink: hold region lock when flushing snapshots
In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU...
Fedora 39 : xen (2023-de338d9f37)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-de338d9f37 advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...
Fedora 37 : xen (2023-881672fdab)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-881672fdab advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...
SUSE-SU-2023:4054-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored XSA-440, bsc1215744 - CVE-2023-34326: Missing IOMMU TLB flushing XSA-442, bsc1215746 - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling XSA-443, bsc1215747 -...
Xen: missing IOMMU TLB flushing (XSA-442)
The caching invalidation guidelines from the AMD-Vi specification 48882âRev 3.07-PUBâOct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory...
OESA-2023-1636 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2SESSIONSETUP commands. The issue results from the lack of control of resource consumption...
SUSE CVE-2023-3777
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain...
USN-6194-1 linux-oem-6.1 vulnerabilities
Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 Xingyuan Mo and Gengjia Chen...
kernel: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq storvscerrorwq workqueue should not be marked as WQMEMRECLAIM as it doesn't need to make forward progress under memory pressure. Marking this workqueue as WQMEMRECLAIM may...
SUSE CVE-2017-7495
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new...
GSD-2023-1000620 devlink: hold region lock when flushing snapshots
devlink: hold region lock when flushing snapshots This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GHSA-8HMH-MHQV-7638 PartialBufferOutputStream2 flush issues
Withdrawn This advisory has been withdrawn as there the effects of the bug would only give the caller an incomplete view of data which they would be authorized to see. Original Advisory PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even whe...
Exposure of Sensitive Information to an Unauthorized Actor in Undertow
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...
GSD-2022-1002093 dax: make sure inodes are flushed before destroy cache
dax: make sure inodes are flushed before destroy cache This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...