Ubuntu: Security Advisory (USN-5909-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-23586

A use-after-free vulnerability was discovered in the Linux kernel's iouring subsystem. It was found that it is possible to insert a time namespace's vvar page to process memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the...

CVE-2023-23502

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout...

CVE-2023-23501

The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory...

CVE-2022-32824

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory...

CVE-2022-32824

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory...

Memory corruption

The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory...

Information disclosure

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout...

Memory corruption

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory...

CVE-2023-23501

The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory...

CVE-2023-23502

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout...

CVE-2023-23502

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout...

CVE-2022-32824

The CVE-2022-32824 entry describes a kernel memory disclosure vulnerability. Affected Apple platforms include tvOS, iOS, iPadOS, and watchOS; the issue stems from memory handling weaknesses that could allow an app to disclose kernel memory. Apple lists fixes in tvOS 15.6, iOS 15.6, iPadOS 15.6, a...

CVE-2023-23501

CVE-2023-23501 affects macOS Ventura, where a memory handling issue could allow an app to disclose kernel memory. The vulnerability is addressed in macOS Ventura 13.2 with improved memory handling, per the NVD/NVD-related sources. Affected component is listed as Kernel-related memory handling; ro...

USN-5884-1: Linux kernel (AWS) vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

Amazon Linux AMI : kernel (ALAS-2023-1688)

The version of kernel installed on the remote host is prior to 4.14.262-135.486. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1688 advisory. 2024-04-30: CVE-2023-0047 was removed from this advisory rejected. 2024-02-01: CVE-2023-0047 was added to this...

K40523020: Linux kernel vulnerability CVE-2018-16658

Security Advisory Description An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is...

K58729485: Linux kernel vulnerability CVE-2018-14656

Security Advisory Description A missing address check in the callers of the showopcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log. CVE-2018-14656 Impact There is no impact; F5 products are not affected by this vulnerability...

K15699: Linux kernel vulnerability CVE-2014-0131

Security Advisory Description Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. CVE-2014-0131 Impact...

K15274: TCP reassembly vulnerability CVE-2014-3000

Security Advisory Description The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service undefined memory access and system crash or possibly read system memory via...