CVE-2021-47608 bpf: Fix kernel address leakage in atomic fetch

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 "bpf: Propagate stack bounds to registers in atomics w/ BPFFETCH" around checkmemaccess handling is buggy since this would allow for unprivileged...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problematic change to the checkmemaccess handling that allows unprivileged users to disclose kernel pointe...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

kernel: bpf: Fix wrong reg type conversion in release_reference()

A flaw was found in the eBPF subsystem in the Linux kernel. When a resource is released, the pointer registers related to the resource are incorrectly converted to the wrong type, allowing kernel pointers to be exposed to unprivileged users...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

Authentication flaw

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

PT-2023-18246 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices affected versions not specified Description: The issue allows a privileged local attacker to bypass ASLR due to kernel pointers being printed in the log file prior to SMR May-2023 Release 1. This is related to the...

SUSE CVE-2018-7755

An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discove...

SUSE CVE-2022-42895

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

Information Disclosure

linux is vulnerable to Information Disclosure. An attacker is able to gain access to leaked kernel pointers remotely via l2capparseconfreq function of net/bluetooth/l2capcore.c, resulting in disclosure of sensitive information...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12017)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12017 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882775 CVE-2022-4378 - proc: avoid integer type confusi...

SUSE: Security Advisory (SUSE-SU-2022:4616-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-42895

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

UBUNTU-CVE-2022-42895

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

Design/Logic Flaw

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...