AlmaLinux 8 : kernel (ALSA-2023:2951)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2951 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...

kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets

A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ipcheckmcrcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system...

AlmaLinux 9 : kernel-rt (ALSA-2023:2148)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2148 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...

RHEL 9 : kernel-rt (RHSA-2023:2148)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2148 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

SUSE CVE-2022-20141

In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

SUSE SLES12 Security Update : kernel (Live Patch 23 for SLE 12 SP5) (SUSE-SU-2022:2780-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2780-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP5) (SUSE-SU-2022:2789-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2789-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in...

SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:2781-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2781-1 advisory. - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 29 for SLE 15) (SUSE-SU-2022:2750-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2750-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject...

SUSE SLES12 Security Update : kernel (Live Patch 26 for SLE 12 SP5) (SUSE-SU-2022:2745-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2745-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in...

SUSE SLES15 Security Update : kernel (Live Patch 18 for SLE 15 SP3) (SUSE-SU-2022:2759-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2759-1 advisory. - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 26 for SLE 12 SP4) (SUSE-SU-2022:2710-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2710-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject...

SUSE SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP3) (SUSE-SU-2022:2732-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2732-1 advisory. - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the...

SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15) (SUSE-SU-2022:2728-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2728-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created ...

SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP4) (SUSE-SU-2022:2699-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2699-1 advisory. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in...

SUSE SLES12 Security Update : kernel (Live Patch 27 for SLE 12 SP4) (SUSE-SU-2022:2697-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2697-1 advisory. - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget...

CVE-2022-20141

A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ipcheckmcrcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-52271)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a locking error in ipcheckmcrcu in igmp.c and can be exploited by attackers to cause a local privilege escalation...

DEBIAN-CVE-2022-20141

In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Design/Logic Flaw

In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...