SUSE CVE-2019-18807

Two memory leaks in the sja1105staticconfigupload function in drivers/net/dsa/sja1105/sja1105spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service memory consumption by triggering staticconfigbufprepareforupload or sja1105inhibittx failures, aka CID-68501df92d11...

SA40018 - System vulnerability issue in terms of CVE-2011-3188

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This article describes the issue of System vulnerability, which is related to CVE-2011-3188. Customer used security audit tools to verify if PCS is vulnerable and it reported the...

PT-2023-34798 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to an incorrect file map count for invalid pmd in the arm64/mm component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2023-33332 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: A potential issue has been identified in the Linux Kernel, related to a possible use after free in the e100 xmit prepare function. The actual impact and attack plausibility have not yet be...

PT-2023-33643 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue introduces active flags to prevent Use After Free UAF when an applicant is uninitialized. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

PT-2023-33121 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: A null pointer dereference issue was found in the io tctx exit cb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

PT-2023-34336 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.163 Description: The issue is related to a use-after-free UAF problem due to reference count races when releasing resources. The actual impact and potential for attack have not been fully determined...

PT-2023-34090 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: A potential shift-out-of-bounds issue in the brcmf fw alloc request function may exist. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-34095 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4 Description: A potential memory leak issue has been identified. The actual impact and attack plausibility have not yet been proven. This issue is related to the drm/amd/display component. Recommendations: F...

PT-2023-33199 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: The issue concerns a potential skb leak in the greth init rings function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...

PT-2023-33342 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.228 Description: The issue is related to a bounds check in the snd soc put volsw sx function for the second channel. The actual impact and potential for attack have not been proven yet. Recommendations: For...

CVE-2022-47943

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...

CVE-2022-47520

An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netlink packet...

An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.

...

DEBIAN-CVE-2022-3113

An issue was discovered in the Linux kernel through 5.16-rc6. mtkvcodecfwvpuinit in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c lacks check of the return value of devmkzalloc and will cause the null pointer dereference...

CVE-2022-3107

An issue was discovered in the Linux kernel through 5.16-rc6. netvscgetethtoolstats in drivers/net/hyperv/netvscdrv.c lacks check of the return value of kvmallocarray and will cause the null pointer dereference...

CVE-2022-3106

An issue was discovered in the Linux kernel through 5.16-rc6. ef100updatestats in drivers/net/ethernet/sfc/ef100nic.c lacks check of the return value of kmalloc...

CVE-2022-25681

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2022-42756

In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel...

CVE-2022-39129

In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel...