PT-2025-27722

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc7+ Description: A vulnerability in the Linux kernel has been resolved, specifically in the renesas usbhs module. The issue arises from the incorrect ordering of clock handling and power management in th...

AZL-54881 CVE-2024-53231 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreqcpugetraw cpufreqcpugetraw may return NULL if the cpu is not in policy-cpus cpu mask and it will cause null pointer dereference...

UBUNTU-CVE-2023-31436

qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQMINLMAX...

AZL-25901 CVE-2023-23000 affecting package hyperv-daemons for versions less than 5.15.111.1-1

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegraxusbfindportnode return value. Callers expect NULL in the error case, but an error pointer is used...

SUSE CVE-2006-0555

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service NFS client panic via unknown attack vectors related to the use of ODIRECT direct I/O...

SUSE CVE-2011-1833

Race condition in the ecryptfsmount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfsprivate mount with a mismatched uid...

SUSE CVE-2011-5327

In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcmloop.c tcmloopmakenaatpg function could result in at least memory corruption...

SUSE CVE-2013-4254

The validateevent function in arch/arm/kernel/perfevent.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by adding a hardware event to an event group led by a software event...

SUSE CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

Ubuntu 18.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-5862-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5862-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...

PT-2022-7350 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0 Description: The issue is related to an improper update of reference count in io uring, leading to Use-After-Free and Local Privilege Escalation. When io msg ring is invoked with a fixed file, it calls io fp...

AZL-6588 CVE-2021-38204 affecting package kernel for versions less than 5.10.78.1-1

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service use-after-free and panic by removing a MAX-3421 USB device in certain situations...

PT-2021-7639 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.161 Description: The issue is related to a logic error in the io uring implementation, which can trigger a use-after-free vulnerability leading to privilege escalation. In the io prep async work function, t...

Oracle Linux 7 : kernel (ELSA-2020-5023)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5023 advisory. - net bluetooth: l2cap: Fix calling skfilter on non-socket based channel Gopal Tiwari 1888253 CVE-2020-12351 - net bluetooth: a2mp: Fix not initializin...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1671)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2019-19083

Memory leaks in clocksourcecreate functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory consumption. This affects the dce112clocksourcecreate function in drivers/gpu/drm/amd/display/dc/dce112/dce112resource.c, the...

CVE-2019-19047

A memory leak in the mlx5fwfatalreporterdump function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering mlx5crdumpcollect failures, aka CID-c7ed6d0183d5...

CVE-2019-19052

A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering usbsubmiturb failures, aka CID-fb5be6a7b486...

Code injection

Two memory leaks in the sja1105staticconfigupload function in drivers/net/dsa/sja1105/sja1105spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service memory consumption by triggering staticconfigbufprepareforupload or sja1105inhibittx failures, aka CID-68501df92d11...

CVE-2019-18807

Two memory leaks in the sja1105staticconfigupload function in drivers/net/dsa/sja1105/sja1105spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service memory consumption by triggering staticconfigbufprepareforupload or sja1105inhibittx failures, aka CID-68501df92d11...