Lucene search
K

6634 matches found

Prion
Prion
added 2024/02/28 9:15 a.m.16 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

7AI score0.00221EPSS
Exploits0References6
OSV
OSV
added 2024/02/28 9:15 a.m.4 views

UBUNTU-CVE-2021-47034

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

4.4CVSS6.1AI score0.00221EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/02/28 8:13 a.m.15 views

CVE-2021-47034 powerpc/64s: Fix pte update for kernel memory on radix

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

7.5AI score0.00221EPSS
Exploits0References6
CVE
CVE
added 2024/02/28 8:13 a.m.3741 views

CVE-2021-47034

CVE-2021-47034 affects the Linux kernel on powerpc/64s with radix paging. Root cause: radix__set_pte_at() omits a ptesync when updating a PTE, risking out-of-order updates for kernel memory and spurious faults during patching. The fix adds a ptesync path in flush_cache_vmap() (to be invoked when ...

4.4CVSS5.7AI score0.00221EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/27 10:15 a.m.8 views

DEBIAN-CVE-2021-46930

In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix listhead check warning This is caused by uninitialization of listhead. BUG: KASAN: use-after-free in listdelentryvalid+0x34/0xe4 Call trace: dumpbacktrace+0x0/0x298 showstack+0x24/0x34 dumpstack+0x130/0x1a8...

5.5CVSS5.4AI score0.00216EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.55 views

RHEL 7 : kernel (RHSA-2024:0980)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0980 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect...

8.8CVSS6.9AI score0.02014EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/02/26 8:53 p.m.3 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8CVSS6.8AI score0.02014EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.26 views

Siemens SIMATIC CP products Improper Access Control (CVE-2023-37194)

A vulnerability has been identified in SIMATIC CP 1604 All versions, SIMATIC CP 1616 All versions, SIMATIC CP 1623 All versions, SIMATIC CP 1626 All versions, SIMATIC CP 1628 All versions. The kernel memory of affected devices is exposed to user-mode via direct memory access DMA which could allow...

6.7CVSS7AI score0.00184EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/02/15 5:46 p.m.2 views

kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS7.3AI score0.00308EPSS
Exploits0References5
OSV
OSV
added 2024/02/15 5:15 a.m.4 views

CVE-2022-23085

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

8.2CVSS5.9AI score0.0049EPSS
Exploits0References2
NVD
NVD
added 2024/02/15 5:15 a.m.9 views

CVE-2022-23088

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode i.e., not associated with a SSID a malicious beacon frame may overwrite kernel memory, leading to remote code...

9.8CVSS7.1AI score0.0362EPSS
Exploits0References1
OSV
OSV
added 2024/02/15 5:15 a.m.3 views

CVE-2022-23088

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode i.e., not associated with a SSID a malicious beacon frame may overwrite kernel memory, leading to remote code...

9.8CVSS6AI score0.0362EPSS
Exploits0References1
NVD
NVD
added 2024/02/15 5:15 a.m.22 views

CVE-2022-23085

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

9.8CVSS6.1AI score0.0049EPSS
Exploits0References2
NVD
NVD
added 2024/02/15 5:15 a.m.15 views

CVE-2022-23084

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

7.8CVSS6.2AI score0.00243EPSS
Exploits0References2
Prion
Prion
added 2024/02/15 5:15 a.m.14 views

Design/Logic Flaw

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

6.8AI score0.0049EPSS
Exploits0References1
Prion
Prion
added 2024/02/15 5:15 a.m.17 views

Heap overflow

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode i.e., not associated with a SSID a malicious beacon frame may overwrite kernel memory, leading to remote code...

8.1AI score0.0362EPSS
Exploits0References1
Prion
Prion
added 2024/02/15 5:15 a.m.20 views

Memory corruption

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

6.8AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/15 4:52 a.m.26 views

CVE-2022-23085 Potential jail escape vulnerabilities in netmap

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

6.5AI score0.0049EPSS
Exploits0References2
CVE
CVE
added 2024/02/15 4:52 a.m.67 views

CVE-2022-23085

CVE-2022-23085 arises from an insufficient bounds check: a user-provided integer option passed to netmap’s nmreq_copyin() could overflow, risking kernel memory corruption. Documents in the FreeBSD Netmap advisory SA-22:04 and related CVE records confirm the flaw in the netmap component, enabling ...

9.8CVSS6.3AI score0.0049EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/15 4:52 a.m.12 views

CVE-2022-23084 Potential jail escape vulnerabilities in netmap

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

6.5AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder