321 matches found
SUSE CVE-2022-2327
iouring use workflags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORINGOP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We...
PT-2023-35053 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: A potential issue exists where sdata can be NULL during AMPDU start in the mac80211 wifi component. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2023-34937 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue is related to the FPGA M10BMC-SEC and is fixed in Linux Kernel version v6.1.11. It was introduced in version v6.0. The actual impact and attack plausibility have not yet been prove...
PT-2023-33793 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: A potential memory leak was identified in the qlcnic sriov init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
PT-2023-33565 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue is related to the s5p-mfc media component in the Linux Kernel, where a clear workbit is not handled properly in an error condition. The actual impact and potential for attack have...
PT-2023-33363 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue is related to the xen/netback component, where protocol headers may fall in the non-linear area. The actual impact and attack plausibility have not yet been proven. Recommendation...
AZL-12951 CVE-2022-2196 affecting package kernel for versions less than 5.15.102.1-1
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...
DEBIAN-CVE-2022-2196
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...
[slackware-security] Slackware 15.0 kernel
New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.80/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. I...
PT-2022-35269 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue concerns the ti: k3-udma component of the dmaengine in the Linux Kernel, where the UDMA CHAN RT byte counters are not reset, potentially leading to an overflow. The actual impact...
PT-2022-34940 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue is related to a potential security vulnerability in the cifs ses add channel function, which may cause an xid leak. The actual impact and attack plausibility have not yet been prove...
PT-2022-35070 · Xilinx · Xilinx Vipp
Name of the Vulnerable Software and Affected Versions: Xilinx VIPP versions prior to v6.0.3 Description: A refcount leak was discovered in the xvip graph dma init function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in Linux Kernel version v4.1 a...
PT-2022-35797 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue is related to a NULL pointer dereference at the nilfs bmap lookup at level function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...
PT-2022-34925 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue is related to the ext4 file system, specifically with the function ext4 fc get tl. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-35538 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to refcount leak bugs in the drm/omap dss component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
PT-2022-34954 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue is related to the KVM arm64 vgic, specifically with the exit condition in the scan its table function. The actual impact and attack plausibility have not yet been proven...
PT-2022-35793 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue is related to a circular deferral regression in the qcom rpm regulator. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-6045 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.2 Description: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
[SECURITY] [DLA 3102-1] linux-5.10 new package
Debian LTS Advisory DLA-3102-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings September 11, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.136-1deb10u3 CVE ID : CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-26373 CVE-2022-29900...
SonicWall SMA1000 CVE-2021-33909 and CVE-2022-0847
This advisory is intended to address Linux Kernel vulnerability CVE-2021-33909 and CVE-2022-0847 in the SonicWall SMA1000 platform.SonicWall has performed a comprehensive analysis of the SMA1000 platform that resulted in no observable attack vectors for CVE-2021-33909 and CVE-2022-0847. To remove...