694 matches found
Debian dla-3778 : libnss-libvirt - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3778 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3778-1 [email protected]...
kernel: vmwgfx: race condition leading to information disclosure vulnerability
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that idev-mcifccount is allowed to be rewritten without proper locking...
kernel: vmwgfx: race condition leading to information disclosure vulnerability
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...
mariadb: improper locking due to unreleased lock in the ds_xbstream.cc
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dsxbstream.cc, when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen, the held lock is not released correctly, which allows local users to trigger a denial of service due to the...
mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/serveraudit/serveraudit.c method logstatementex, the held lock lockbigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock...
CVE-2023-3781
there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-3781
there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-3781
there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-26124 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible use-after-free write due to improper locking, which could lead to local escalation of privilege with no additional...
PT-2023-9460 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to incorrect locking of resources in the llcp component of the Linux kernel. This could allow an attacker to cause a denial of service. The device list needs its...
CVE-2023-32824
In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961...
Double free
In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961...
CVE-2023-32824
In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961...
MediaTek Chip Resource Management Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a company owned by MediaTek of China. A resource management error vulnerability exists in the MediaTek chips, which stems from an improper locking of the rpmb module, which may result in a double release...
PT-2023-24055 · Rpmb · Rpmb
Name of the Vulnerable Software and Affected Versions: rpmb affected versions not specified Description: The issue is related to a possible double free due to improper locking in rpmb, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and...
PUB-A-289470723
In gxpmappingput, there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE-SU-2023:3313-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...
SUSE-SU-2023:3311-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...