openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0755-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0755-1 advisory. - Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a...

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0760-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0760-1 advisory. - Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:0759-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0759-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel...

OPENSUSE-SU-2022:0760-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer BHB, named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs...

kernel: missing check in ioctl allows kernel memory read/write

A vulnerability was found in kvms390guestsidaop in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access...

PT-2022-9728 · Amd +4 · Amd Cpus +4

Name of the Vulnerable Software and Affected Versions: AMD CPUs affected versions not specified Description: The issue is related to speculative execution in AMD CPUs, which may allow data leakage by transiently executing beyond unconditional direct branches. This could potentially lead to the...

OESA-2022-1559 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kern...

DEBIAN-CVE-2021-4002

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data...

CVE-2022-25375

An information disclosure vulnerability was found in the Linux kernel. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. This flaw allows a local attacker to dump contents of kernel memory space via a packet filter update mechanism and potentially extract sensitive...

PUB-A-178379135

In showregs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

kernel: Use After Free in unix_gc() which could result in a local privilege escalation

A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...

CVE-2022-25375

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory...

DEBIAN-CVE-2022-25375

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory...

CVE-2022-25375

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory...

CVE-2022-25375

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel versions prior to 5.16.10 have a security vulnerability that stems from the lack of RNDIS USB validation of the size of the RNDIS MSG SET command. An attacker could exploit this vulnerabilit...

PT-2022-6122 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to a time-of-check to time-of-use bug in the nmreq copyin function of the netmap component in FreeBSD. This bug could lead to kernel memory corruption. On systems...

PT-2022-6217 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is caused by an integer overflow in the nmreq copyin function of the netmap component. This insufficient bounds checking could lead to kernel memory corruption. On systems...

Linux kernel information disclosure vulnerability (CNVD-2022-14701)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an information disclosure vulnerability that originates in the Linux kernel's TIPC protocol subsystem due to uninitialized memory that sends TIPC...

DEBIAN-CVE-2022-0382

An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user...