kernel: KVM: arm64: Tear down vGIC on failed vCPU creation

A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...

CVE-2022-49852

In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s12 array in threadstruct when fork. A...

Linux Distros Unpatched Vulnerability : CVE-2023-2162

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attack...

kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race

A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information...

Cross site scripting

An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

CVE-2023-6606 Kernel: out-of-bounds read vulnerability in smbcalcsize

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

CVE-2023-3268

An out of bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information...

CVE-2023-1611

A use-after-free flaw was found in btrfssearchslot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea...

Null pointer dereference

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information...

CVE-2022-3202

CVE-2022-3202 involves a NULL pointer dereference in diFree() within fs/jfs/inode.c of the Linux kernel’s Journaled File System (JFS). The underlying cause is a NULL pointer dereference, which could allow a local attacker to crash the system or leak kernel internal information. The CVE is associa...

openSUSE: Security Advisory for the (SUSE-SU-2022:2376-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-3739

CVE-2021-3739 is a local NULL pointer dereference in the Linux kernel’s btrfs_rm_device() (fs/btrfs/volumes.c) that requires CAP_SYS_ADMIN to trigger. The issue can crash the system or leak kernel information, with impact to availability and, to a lesser extent, confidentiality. Multiple connecte...

CVE-2021-4203

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. Mitigation Mitigation for this...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9457)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9457 advisory. 5.4.17-2102.205.7.3 - btrfs: fix NULL pointer dereference when deleting device by invalid id Qu Wenruo Orabug: 33281078 CVE-2021-3739 Tenable has extracted...

kernel: slab-out-of-bounds read in fbcon

An out-of-bounds OOB SLAB memory access flaw was found in the Linux kernel's fbcon driver module. A bounds check failure allows a local attacker with special user privileges to gain access to out-of-bounds memory, leading to a system crash or leaking of internal kernel information. The highest...

Null pointer dereference

A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if scosockgetsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BTSNDMTU/BTRCVMTU for SCO sockets. This could allow a local attacker with a special user privilege...

CVE-2019-15117

An out of bounds OOB memory access flaw was found in the Linux kernel's ALSA subsystem. This could allow a local attacker to crash the system or leak kernel internal information. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat...

CVE-2019-16229

A NULL pointer dereference flaw was found in kfdinterruptinit in drivers/gpu/drm/amd/amdkfd/kfdinterrupt.c in AMD GPU driver. Here a call to allocworkqueue return was not validated and can cause a denial of service at the time of failure. This could allow an attacker to crash the system or leak...

CVE-2019-19815

A NULL pointer dereference flaw was found in F2FSPSB in fs/f2fs/f2fs.h in the F2FS filesystem exploiting the NAND flash memory-based storage device. This flaw allows an attacker to crash the system or leak internal kernel information. Mitigation Mitigation for this issue is either not available o...

CVE-2019-5522

CVE-2019-5522 concerns VMware Tools for Windows. The vulnerability is an out-of-bounds read in the vm3dmp driver installed with VMware Tools, affecting VMware Tools for Windows versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-administrative access in a Windows guest could le...