6634 matches found
FreeBSD -- NFS client data corruption and kernel memory disclosure
Problem Description: In FreeBSD 13.2 and 14.0, the NFS client was optimized to improve the performance of IOAPPEND writes, that is, writes which add data to the end of a file and so extend its size. This uncovered an old bug in some routines which copy userspace data into the kernel. The bug also...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which originates from an application th...
About the security content of iOS 17.2 and iPadOS 17.2
About the security content of iOS 17.2 and iPadOS 17.2 This document describes the security content of iOS 17.2 and iPadOS 17.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
About the security content of iOS 16.7.3 and iPadOS 16.7.3
About the security content of iOS 16.7.3 and iPadOS 16.7.3 This document describes the security content of iOS 16.7.3 and iPadOS 16.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
About the security content of macOS Ventura 13.6.3
About the security content of macOS Ventura 13.6.3 This document describes the security content of macOS Ventura 13.6.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe
An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...
CVE-2023-49062
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...
CVE-2023-49062
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...
Design/Logic Flaw
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...
CVE-2023-49062
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...
CVE-2023-49062
Summary: CVE-2023-49062 affects Meta Katran. After a bpf_xdp_adjust_head call, Katran could write uninitialized kernel memory into the IPv4 Identification field during IPv4 encapsulation (and ICMPv4 Too Big packet generation), exposing kernel memory content. This occurs in all Katran versions pri...
Meta Katran Security Vulnerability
Meta Katran is a C++ library and BPF program from Meta Corporation. It is used to build high-performance Layer 4 load-balanced forwarding planes. A security vulnerability exists in Meta Katran that stems from the ability to expose uninitialized kernel memory as part of an IP header...
SUSE CVE-2023-6238
A buffer overflow vulnerability was found in the NVM Express NVMe driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access DMA into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes...
CVE-2023-6238
A buffer overflow vulnerability was found in the NVM Express NVMe driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access DMA into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes...
CVE-2023-6238
A buffer overflow vulnerability was found in the NVM Express NVMe driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access DMA into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes...
Buffer overflow
A buffer overflow vulnerability was found in the NVM Express NVMe driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access DMA into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes...
CVE-2023-6238
A buffer overflow vulnerability was found in the NVM Express NVMe driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access DMA into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes...
WithSecure products Security breaches
WithSecure products is a line of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure products that originates from a local elevation of privilege that allows an attacker with administrator privileges to corrupt kernel memory. Affected products and...
kernel: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...
kernel: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...