5 matches found
The vulnerability of the gsm_dlci_config() function in the TTY driver (drivers/tty/n_gsm.c) of the Linux kernel allows a hacker to increase their privileges.
The vulnerability of the gsmdlciconfig function in the TTY driver drivers/tty/ngsm.c of the Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability can allow an attacker to increase their privileges...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...
DEBIAN-CVE-2023-52564
In the Linux kernel, the following vulnerability has been resolved: Revert "tty: ngsm: fix UAF in gsmcleanupmux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsmcleanupmux tries to free up the virtual ttys by...
DEBIAN-CVE-2023-6546
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...