SUSE CVE-2016-8636

Integer overflow in the memcheckrange function in drivers/infiniband/sw/rxe/rxemr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service memory corruption, obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read...

SUSE CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

SUSE CVE-2021-39800

In ionioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

SUSE CVE-2022-1651

A memory leak flaw was found in the Linux kernel in acrndevioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service...

PT-2023-33292 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.157 through 5.10.158 Description: The issue is related to a data race in the netfilter ctnetlink component of the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: Fo...

NVIDIA GPU Display Driver 缓冲区错误漏洞

NVIDIA GPU Display Driver is a driver from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver, which arises from a failure to properly validate data at the kernel mode layer th...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a bypass checking vulnerability in the HISP module for data passed in the kernel state...

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, distributed operating system. Huawei HarmonyOS is vulnerable to an input validation error, which stems from the existence of a HISP module that does not validate data passed from the kernel state. An...

GSD-2022-1005944 net: Fix data-races around netdev_tstamp_prequeue.

net: Fix data-races around netdevtstampprequeue. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.212 by commit...

DEBIAN-CVE-2022-3202

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information...

UBUNTU-CVE-2022-3202

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information...

CVE-2021-0947

The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If this method fails th...

OESA-2022-1825 kexec-tools security update

kexec-tools provides /sbin/kexec binary that facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. This package contains the /sbin/kexec binary and ancillary utilities that together form the userspace component of the kernel's kexec feature...

PT-2024-11520 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A particular case of memory sharing is mishandled in the virtual memory system, similar to a previously known issue but with a different root cause. Thi...

UBUNTU-CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

kernel: out-of-bounds read in fbcon_get_font function

An out-of-bounds OOB memory access flaw was found in fbcongetfont in drivers/video/fbdev/core/fbcon.c in fbcon driver module in the Linux kernel. A bound check failure allows a local attacker with special user privilege to gain access to out-of-bounds memory, leading to a system crash or a leak o...

GSD-2022-1003452 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak

KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.45 by commit...

GSD-2022-1003179 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak

KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.13 by commit...

GSD-2022-1002869 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak

KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.2 by commit...

kernel: Copy_from_user on 64-bit versions may leak kernel information

A vulnerability was found in copyfromuser in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the "accessok" sanity check and pass a kernel pointer to copyfromuser, resulting in kernel data leaking...