ROS-20260112-7310

A vulnerability in the ioctl.c component of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

The vulnerabilities in the components inode.c, ioctl.c, root-tree.c, and root-tree.h of the Linux operating system’s kernel allow a hacker to cause a service failure.

The vulnerability in the components inode.c, ioctl.c, root-tree.c, and root-tree.h of the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...

RHEL 9 : kernel (RHSA-2024:5066)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5066 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: block: null pointer dereferenc...

SUSE SLES15 Security Update : kernel RT (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:0639-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0639-1 advisory. - An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after- free because of a vccrecvmsg race condition...

SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0624-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0624-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. When...

CVE-2024-23851

copyparams in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INTMAX bytes, and crash, because of a missing paramkernel-datasize check. This is related to ctlioctl...

CVE-2024-23851

copyparams in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INTMAX bytes, and crash, because of a missing paramkernel-datasize check. This is related to ctlioctl...

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0017)

The remote OracleVM system is missing necessary patches to address security updates: - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a local user ...

CVE-2023-2269

A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in tableclear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. Mitigation Mitigation for this issue i...

CVE-2023-2269

A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in tableclear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component...

Design/Logic Flaw

In ionioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-39800

CVE-2021-39800 affects the Android kernel ION component (ion_ioctl.c) where a use-after-free can leak kernel head data, enabling local information disclosure without extra privileges or user interaction. Exploitation details are not provided in the supplied documents. Impact is limited to local d...

CVE-2021-39801

In ionioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

ASB-A-208277166

In ionioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

OracleVM 3.4 : kernel-uek (OVMSA-2021-0022)

The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. CVE-2020-12352 - An issue was discovered in the Linux kernel before 5.8.1...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9305)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9305 advisory. - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860493 CVE-2021-31916 - powerpc/64s: flush L1D after user accesses...

Linux kernel 缓冲区错误漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An out-of-bounds memory write vulnerability exists in listdevices in drivers/md/dm-ioctl.c in the Multi-Device Driver...