CVE-2023-52550

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-52550

CVE-2023-52550 describes a data verification error in the Huawei HarmonyOS kernel module. The impact is confidentiality loss with a CVSS 3.1 base score of 7.5 (Network attack vector, Low attack complexity, No user interaction, No privileges required, Scope unchanged; Confidentiality impact High)....

CVE-2023-52549

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-52549

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-52549

CVE-2023-52549 : Connected sources identify a data validation error in Huawei HarmonyOS/EMUI that originates from the kernel module. The vulnerability is described as impacting service confidentiality. Concrete details on affected versions, root cause specifics, exploit status, or available fixes...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei EMUI is Huawei's emotional operating system based on Android. A data validation error vulnerability exists in Huawei HarmonyOS/EMUI, which originates from a data validation error...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei EMUI is Huawei's emotional operating system based on Android. A data validation error vulnerability exists in Huawei HarmonyOS/EMUI, which originates from a data validation error...

CVE-2024-26610

A memory corruption flaw was found in the Linux kernel Intel Wireless WiFi Next Gen AGN module. This issue could allow a local user to crash the system. Mitigation To mitigate this issue, prevent the iwlwifi module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to...

SUSE CVE-2023-52570

In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...

Moderate: Red Hat Security Advisory: device-mapper-multipath security update

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a company owned by China's MediaTek. A security vulnerability exists in the MediaTek chips, which stems from a lack of bounds checking in the lk module, which may lead to privilege escalation...

SUSE CVE-2022-42265

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to information disclosure or data tampering...

UBUNTU-CVE-2021-47012

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siwallocmr Our code analyzer reported a UAF. In siwallocmr, it calls siwmraddmemmr,... In the implementation of siwmraddmem, mem is assigned to mr-mem and then mem is freed via kfreemem if...

CVE-2024-26581

A flaw was found in the Linux kernel’s Netfilter subsystem. This issue occurs in the nftsetrbtree. rbtree lazy gc on insert, which might collect an end interval element just added in a transaction and skip the end interval elements not yet active. Mitigation 1. This flaw can be mitigated by...

CVE-2023-52433

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nftsetrbtree, where new elements in this transaction might expire before the transaction ends. Skip sync GC for such elements, otherwise a commit path might walk over an already released object. Once the...

CVE-2024-1086

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nftverdictinit function, allowing positive values as a drop error within the hook verdict, therefore, the nfhookslow function can cause a double-free vulnerability when NFDROP is issued with a drop error tha...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

The vulnerability of the io_alloc_pbuf_ring() function in the kernel module io_uring/kbuf.c of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ioallocpbufring function in the iouring/kbuf.c module of the Linux operating system is related to a memory leak during buffer allocation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVE-2024-0646

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To...

CVE-2023-6546

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...