6 matches found
EUVD-2023-59723
Malicious code in bioql PyPI...
CVE-2023-52997
A vulnerability was found in the Linux kernel's ipmetricsconvert function, where improper handling of user input can potentially leak kernel memory via side channels. This issue is caused by the use of @type, a user-controlled input, which is an array within this function. If a CPU speculatively...
CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
GSD-2023-1002248 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
ipv4: prevent potential spectre v1 gadget in ipmetricsconvert This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.272 by commit...
GSD-2023-1002058 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
ipv4: prevent potential spectre v1 gadget in ipmetricsconvert This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...