Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing memory. An attacker could exploit this vulnerability to execute arbitrary code in...

Uninitialized local variable uint256 _i

Lines of code Vulnerability details Impact Uninitialized local variable uint256 i is a variable that was declared inside a function but it was not assigned a value. It contains default value for that data type. Using an uninitialized variable in an expression may give unexpected results or cause...

USN-5695-1 linux-gcp vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

UBUNTU-CVE-2022-3637

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlinkinit of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of...

PT-2022-36695 · Oracle · Java.Base

Name of the Vulnerable Software and Affected Versions: java.base affected versions not specified Description: A security exception crash has been reported. The crash occurs in the jaz.Zer class during the initialization process, specifically in the java.lang.Class.forName0 and...

Linux Kernel nftables Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

kernel: information leak in the IPv4 implementation

An information leak flaw was found in the Linux kernel’s IPv4 implementation in the iprtinit in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...

kernel: information leak in the IPv4 implementation

An information leak flaw was found in the Linux kernel’s IPv4 implementation in the iprtinit in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...

Siemens Simcenter Femap JT File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2022-3358

A flaw was found in OpenSSL, where it incorrectly handles legacy custom ciphers passed to the EVPEncryptInitex2, EVPDecryptInitex2 and EVPCipherInitex2 functions as well as other similarly named encryption and decryption initialization functions. Instead of using the custom cipher directly, it...

Altair HyperView Player H3D File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Altair HyperView Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

USN-5678-1: Linux kernel vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2022-2532)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Excessive grant frame usage in Windows xenbus drivers after version 9.1.3

A VM with 2 VBD, 8 vCPUs, 7 VIFs may consume over 90 grant tables, but ONLY consume 26grant tables when running with xen PV driver version 9.1.2. It will lead to virtual NIC initialization failure issue after Windows VM startup. Device manager shows NICs are notinitialized: Setupapi.log : Device...

The vulnerability of the bpf_sys_bpf() function in the Linux operating system’s BPF subsystem allows a hacker to gain unauthorized access to protected information.

The vulnerability of the bpfsysbpf function in the Linux kernel’s BPF subsystem stems from the operation of pushing data out of the buffer into memory during pointer initialization. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

After pool is initialized, user can perform a sandwich attack through front-running and back-running mint transaction by calling swap function twice to manipulate initial price to be much different than market price and gain much more of output token than expected

Lines of code Vulnerability details Impact After the following initialize function is called, the pool does not own any of the tokens at that moment since the mint function below is not called yet. When the mint transaction is sent, a malicious user can notice it in the mempool and front-run it b...

[NAZ-M3] initialize() Can be Front-Run

Lines of code Vulnerability details Impact AlgebraPool.sol is deployed and initialized in two different transactions. This allows an attacker to be able front-run the AlgebraPool.sol's initialize after it's deployed. Proof of Concept The attacker can do this for two different reasons: 1. Price =...

Upstash Adapter missing token verification

Impact Applications that use next-auth Email Provider and @next-auth/upstash-redis-adapter before v3.0.2 are affected. Description The Upstash Redis adapter implementation did not check for both the identifier email and the token, but only checking for the identifier when verifying the token in t...

GHSA-4RXR-27MM-MXQ9 Upstash Adapter missing token verification

Impact Applications that use next-auth Email Provider and @next-auth/upstash-redis-adapter before v3.0.2 are affected. Description The Upstash Redis adapter implementation did not check for both the identifier email and the token, but only checking for the identifier when verifying the token in t...