The vulnerabilities of the functions module_gzip_decompress() and module_xz_decompress() in the kernel/module/decompress.c module of the Linux operating system’s kernel module loading subsystem allow a hacker to cause a service failure.

The vulnerability of the functions modulegzipdecompress and modulexzdecompress in the kernel/module/decompress.c module of the Linux operating system’s kernel module loading subsystem is related to improper checking of error values for pointers. Exploiting this vulnerability could allow an attack...

Debian: Security Advisory (DSA-2015-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1076

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and get unauthorized access to some resources. Mitigation To mitigate this issue, prevent modules tap and tun from being loaded. Please see...

K00947806: Linux kernel vulnerability CVE-2019-3846

Security Advisory Description A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. CVE-2019-3846 Impact There is no impact; F5 products are not affected by this vulnerability...

SUSE CVE-2011-0431

The afslinuxlock function in afs/LINUX/osivnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third par...

SUSE CVE-2014-9645

The addprobe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / slash character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /sndpcm none /" command...

SUSE CVE-2019-3900

An infinite loop issue was found in the vhostnet kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handlerx. It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stal...

SUSE CVE-2022-0615

Use-after-free in esetrtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system...

CVE-2023-23454

An out-of-bounds OOB read problem was found in cbqclassify in net/sched/schcbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TCACTSHOT condition rather than valid classification results...

cryptsetup bug fix and enhancement update

An update is available for cryptsetup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cryptsetup packages provide a utility for setting up disk encryption...

CVE-2022-44033

A use-after-free flaw was found in the Linux Kernel. This issue occurs due to a race between cm4040open and readerdetach in drivers/char/pcmcia/cm4040cs.c when a physically proximate attacker removes a PCMCIA device while calling open. Mitigation This flaw can be mitigated by preventing the...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2023-1223)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to...

DEBIAN-CVE-2022-42259

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to denial of service...

DEBIAN-CVE-2022-42257

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to information disclosure, data tampering or denial of service...

UBUNTU-CVE-2022-42254

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure...

UBUNTU-CVE-2022-42265

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to information disclosure or data tampering...

UBUNTU-CVE-2022-34673

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering...

UBUNTU-CVE-2022-42258

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to denial of service, data tampering, or information disclosure...