677 matches found
AZL-26668 CVE-2023-31436 affecting package hyperv-daemons for versions less than 5.15.111.1-1
qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQMINLMAX...
CVE-2022-34292
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647...
CVE-2022-31647
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...
Design/Logic Flaw
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...
CVE-2022-31647
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...
PT-2023-2595 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.6.0 Description: The issue is related to errors in handling symbolic links within the settings.DataFolder variable in the Docker Desktop for Windows platform. This can allow a remote attacker to gain read,...
PT-2023-2594 · Docker · Docker Desktop For Windows
Name of the Vulnerable Software and Affected Versions: Docker Desktop for Windows versions prior to 4.6.0 Description: The issue is related to a symlink attack on the hyperv/create dockerBackendV2 API, allowing attackers to overwrite any file by controlling the DataFolder parameter for...
AZL-28505 CVE-2023-31084 affecting package hyperv-daemons for versions less than 5.15.158.2-1
An issue was discovered in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASKRUNNING. In dvbfrontendgetevent, waiteventinterruptible is called; the condition is dvbfrontendtesteventfepriv,events. In dvbfrontendtestevent,...
AZL-34803 CVE-2023-31084 affecting package hyperv-daemons for versions less than 6.6.35.1-1
An issue was discovered in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASKRUNNING. In dvbfrontendgetevent, waiteventinterruptible is called; the condition is dvbfrontendtesteventfepriv,events. In dvbfrontendtestevent,...
AZL-26234 CVE-2023-1998 affecting package hyperv-daemons for versions less than 5.15.118.1-1
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...
AZL-26983 CVE-2023-1989 affecting package hyperv-daemons for versions less than 5.15.118.1-1
A use-after-free flaw was found in btsdioremove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdioremove with an unfinished job, may cause a race problem leading to a UAF on hdev devices...
CVE-2022-4379 affecting package hyperv-daemons 5.10.172.1-1
CVE-2022-4379 affecting package hyperv-daemons 5.10.172.1-1. This CVE either no longer is or was never applicable...
AZL-26142 CVE-2023-1855 affecting package hyperv-daemons for versions less than 5.15.107.1-1
A use-after-free flaw was found in xgenehwmonremove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver xgene-hwmon. This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem...
AZL-25900 CVE-2023-1670 affecting package hyperv-daemons for versions less than 5.15.107.1-1
A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA PC-card Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system...
CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2022-3707)
The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3707 advisory. - A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA...
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2023-26545)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-26545 advisory. - In the Linux kernel before 6.1.13, there is a double free in net/mpls/afmpls.c upon an...
CVE-2023-26545 affecting package hyperv-daemons for versions less than 5.15.102.1-1
CVE-2023-26545 affecting package hyperv-daemons for versions less than 5.15.102.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-3707 affecting package hyperv-daemons for versions less than 5.15.102.1-1
CVE-2022-3707 affecting package hyperv-daemons for versions less than 5.15.102.1-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2022-47929)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47929 advisory. - In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-3107)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3107 advisory. - An issue was discovered in the Linux kernel through 5.16-rc6. netvscgetethtoolstats in...