250 matches found
UBUNTU-CVE-2022-23038
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
Race condition
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23042
CVE-2022-23042 is part of a set describing race-condition vulnerabilities in Linux PV (paravirtualization) grant-table frontends. The Astra Linux advisories summarize that multiple frontends—blkfront, netfront, scsifront, and the gntalloc driver—test whether a grant reference is still in use, and...
CVE-2022-23042
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23042
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23036
The Connected Astra Linux entries provide concrete details for CVEs 2022-23036 to 2022-23042 and related entries, describing a shared vulnerability class in Linux PV device frontends. Specifically, blkfront, netfront, scsifront, and the gntalloc driver use grant-table interfaces to remove backend...
Linux PV device frontends vulnerable to attacks by backends
ISSUE DESCRIPTION Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious...
kernel: out of bound read in DVB connexant driver.
A vulnerability was found in the Linux kernel’s CX24116 tv-card driver, where an out of bounds read occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. An attacker could use this flaw to leak kernel private information to userspace...
GHSA-926Q-WXR6-3CRQ Moderate severity vulnerability that affects roundup
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgihandler.py mishandle 404 errors...
Ubuntu 4.10 : imagemagick vulnerability (USN-90-1)
Tavis Ormandy discovered a format string vulnerability in ImageMagick's file name handling. Specially crafted file names could cause a program using ImageMagick to crash, or possibly even cause execution of arbitrary code. Since ImageMagick can be used in custom printing systems, this also might...