694 matches found
CVE-2022-26452
CVE-2022-26452 affects the isp component, describing a use-after-free caused by improper locking. The vulnerability enables local escalation of privilege with System execution privileges required and does not require user interaction. The available connected documents consistently cite a patch id...
MediaTek 芯片安全漏洞
MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world...
MediaTek 芯片安全漏洞
MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world...
CVE-2022-26452
In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305...
PT-2022-17886 · Vdec Fmt · Vdec Fmt
Name of the Vulnerable Software and Affected Versions: vdec fmt affected versions not specified Description: The issue is related to a possible use after free due to improper locking in vdec fmt. This could lead to local escalation of privilege, with System execution privileges needed. User...
PT-2022-17863 · Isp · Isp
Name of the Vulnerable Software and Affected Versions: isp affected versions not specified Description: The issue is related to a possible use after free due to improper locking, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and user...
Linux kernel denial of service vulnerability (CNVD-2022-68087)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from improper locking, a race condition flaw has been found in the Linux kernel sound subsystem, which m...
CVE-2022-3303
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTLDSPSYNC ioctl. A privileged local user root or member of the audio group could use this flaw to crash the system, resulting in a denial...
CVE-2022-3303
CVE-2022-3303 is a race-condition vulnerability in the Linux kernel sound subsystem (SNDCTL_DSP_SYNC ioctl) that can cause a NULL pointer dereference and denial of service via a locally privileged user. The issue affects the Linux kernel’s sound code path and can crash the system, potentially ena...
mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs pthreadcreate returns a nonzero value while executing the method createworkerthreads, the held lock is not released correctly, which allows local users to trigger a denial of...
CVE-2022-26451
In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966...
CVE-2022-26451
In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966...
Design/Logic Flaw
In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966...
CVE-2022-26451
In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966...
MediaTek 芯片资源管理错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the ged module of the MediaTek chips, which stems from improper locking and use after free. This could result in a local privilege escalation that requires system execution...
PT-2022-17862 · Ged · Ged
Name of the Vulnerable Software and Affected Versions: ged affected versions not specified Description: The issue is related to a possible use after free due to improper locking, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and user...
mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs pthreadcreate returns a nonzero value while executing the method createworkerthreads, the held lock is not released correctly, which allows local users to trigger a denial of...
CVE-2022-20376
In trustylogseqstart of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Design/Logic Flaw
In trustylogseqstart of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-20376
In trustylogseqstart of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...