Lucene search
K

6634 matches found

Prion
Prion
added 2023/05/31 7:15 p.m.26 views

Information disclosure

Windows Kernel Memory Information Disclosure Vulnerability...

1.7CVSS6.1AI score0.00497EPSS
Exploits0References1Affected Software11
Amazon
Amazon
added 2023/05/31 12:0 a.m.5 views

Important: kernel-livepatch-5.10.167-147.601

Issue Overview: A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service. CVE-2022-4379 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch...

7.8CVSS6.7AI score0.12966EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2023/05/30 3:8 p.m.4 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.28 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6124-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6124-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.4AI score0.12966EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.32 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6122-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6122-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.6AI score0.12966EPSS
Exploits7References3
Ubuntu
Ubuntu
added 2023/05/22 1:29 p.m.67 views

USN-6093-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.01029EPSS
Exploits1
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.3 views

Apple macOS Ventura 缓冲区错误漏洞

Apple macOS Ventura is a desktop operating system by Apple Inc. Apple macOS Ventura version 13.4 suffers from a buffer error vulnerability that originates in an application that could cause the system to unexpectedly terminate or read kernel memory...

7.1CVSS7.3AI score0.00249EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/05/18 12:0 a.m.1 views

PT-2023-23767 · Apple · Macos Ventura +5

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.5 iPadOS versions prior to 16.5 watchOS versions prior to 9.5 tvOS versions prior to 16.5 macOS Ventura versions prior to 13.4 Description: The issue allows an app to potentially disclose kernel memory due to inadequa...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.5 views

Apple tvOS 安全漏洞

Apple tvOS is a smart TV operating system from Apple. A security vulnerability exists in Apple tvOS version 16.5, which stems from an application that may leak kernel memory...

5.5CVSS5.6AI score0.00248EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.6 views

Apple iOS 和 iPadOS 缓冲区错误漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A buffer error vulnerability exists in Apple iOS version 16.5 and iPadOS version 16.5, which arises from ...

5.5CVSS5.8AI score0.0026EPSS
Exploits0References6
OSV
OSV
added 2023/05/17 5:52 p.m.7 views

USN-6084-1 linux-gcp-4.15, linux-oracle vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7AI score0.00635EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c

A memory leak flaw was found in the Linux kernel’s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2caprecvacldata function. This flaw allows a local or bluetooth connection user to potentially crash the system...

4.3CVSS6.6AI score0.00563EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:43 a.m.5 views

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.6AI score0.002EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2023/05/16 7:0 a.m.2 views

In the Linux kernel through 6.3.1 a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

...

7.8CVSS6.6AI score0.12966EPSS
Exploits7
Veracode
Veracode
added 2023/05/11 7:16 a.m.48 views

Use-After-Free

linux-lts is vulnerable to Use-After-Free. The vulnerability occurs within the netfilter 'nftables' when processing batch requests. This can be abused and used to perform arbitrary read and write operations on to the kernel memory...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References13Affected Software3
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.9 views

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.6AI score0.002EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.1 views

kernel: octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb "octeontx2-pf: Fix lmtst ID used in aura free" uses the get/putcpu to protect the usage of percpu pointer in -aurafreeptr callback, but it als...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.1 views

kernel: octeontx2-pf: Avoid use of GFP_KERNEL in atomic context

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFPKERNEL in atomic context Using GFPKERNEL in preemption disable context, causing below warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: sleeping function called from invalid context at...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:1 a.m.4 views

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.6AI score0.002EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.5 views

PT-2025-18619 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel. The problem occurs when the device add disk function fails, causing memory allocated in wbt enable default to not be...

8.8CVSS7AI score0.03763EPSS
Exploits13References688
Rows per page
Query Builder