6633 matches found
SUSE CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
SUSE CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12119)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12119 advisory. - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Luiz Augusto von Dentz CVE-2022-42896 - drm/i915: fix TLB invalidation for...
Ubuntu: Security Advisory (USN-5858-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2023-12109)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12109 advisory. - USB: core: Prevent nested device-reset calls Alan Stern Orabug: 34951641 CVE-2022-4662 - Bluetooth: L2CAP: Fix accepting connection request for...
PT-2023-34777 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A potential memory leak was identified in the ice gnss tty write function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
PT-2025-49495
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc2 19 Description The Linux kernel contains an issue within the dm cache component. Specifically, the background tracker's queued work is not properly freed in the btracker destroy function. This can lead ...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5829-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5829-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A...
kernel: memory corruption in AX88179_178A based USB ethernet device.
A flaw was found in the Linux kernel’s driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes...
Apple tvOS 安全漏洞
Apple tvOS is a set of smart TV operating systems from the American company Apple. A security vulnerability exists in Apple tvOS versions prior to 16.3, which stems from an information disclosure issue where an application may be able to determine the kernel memory layout...
Apple macOS Ventura 安全漏洞
Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura prior to version 13.2 that stems from a memory handling issue where an application may leak kernel memory...
PT-2023-18994 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.2 Description: The issue was addressed with improved memory handling. An app may be able to disclose kernel memory. Recommendations: For versions prior to 13.2, update to macOS Ventura 13.2 to resolve the issue...
PT-2025-13343 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential spectre v1 gadget in the ip metrics convert function has been resolved. The issue arises from the use of the type variable as an array index, which could lead to cpu...
Use-After-Free
linux is vulnerable to Use-After-Free. net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions may allow code execution and leak kernel memory remotely via Bluetooth, which allows a remote attacker to exploit the vulnerability via Bluetooth if they are within the proximity of the...
PT-2023-34370 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.13 through 5.10.162 Description: A memory leak issue was discovered. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 4.13 through 5.10.162, update to versi...
PT-2023-34159 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: A memory leak issue was discovered in the test firmware init function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v4.14 and is...
PT-2023-34257 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.11 through v5.15.85 Description: A memory leak issue was discovered in the power state initialization of the AMDGPU powerplay PSM. The actual impact and attack plausibility have not yet been proven. This issue was...
The vulnerability of the fs/io_uring.c component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the fs/iouring.c component in the Linux kernel operating system is related to the reutilization of freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12017)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12017 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882775 CVE-2022-4378 - proc: avoid integer type confusi...
The vulnerability of the Linux operating system’s kernel allows a attacker to obtain the basic address of the Kernel ASLR and gain access to the kernel’s memory.
The vulnerability of the Linux operating system’s kernel is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to obtain the basic Kernel ASLR address and gain access to the kernel’s memory...