CVE-2023-22615

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...

CVE-2023-22612

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM...

CVE-2023-22613

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...

PT-2023-4753 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.4 Description: The issue is related to a use-after-free problem in the r592 remove function of the Linux kernel's r592 device driver. This can lead to a race condition, potentially causing system crashes or...

Out-of-bounds

In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...

PT-2023-35407 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.12 Description: The issue concerns a potential NULL dereference in the pinctrl single component. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.11 and...

Linux kernel 代码问题漏洞

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel prior to version 6.2, which stems from an error in the mm/memory-tiers.c file that incorrectly handles the return value of allocmemorytype...

AZL-13774 CVE-2023-22998 affecting package kernel for versions less than 5.15.102.1-1

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.1.2, which stems from an incorrect pointer...

CVE-2023-26607

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfsattrfind in fs/ntfs/attrib.c...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.0.8, which stems from the presence of out-of-bounds reads...

kmod-kvdo bug fix and enhancement update

An update is available for kmod-kvdo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kmod-kvdo packages provide the kernel module for Virtual Data Optimizer...

SUSE CVE-2004-2660

Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service memory consumption via certain ODIRECT direct IO write requests...

SUSE CVE-2005-0209

Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service kernel crash via crafted IP packet fragments...

SUSE CVE-2005-2800

Memory leak in the seqfile implementation in the SCSI procfs interface sg.c in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service memory consumption via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next iterator...

SUSE CVE-2006-0742

The dieifkernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems...

SUSE CVE-2007-2525

Memory leak in the PPP over Ethernet PPPoE socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service memory consumption by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized...

SUSE CVE-2007-5093

The disconnect method in the Philips USB Webcam pwc driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service USB subsystem hang and CPU consumption in khubd by not closing the device after the...

SUSE CVE-2008-1669

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...

SUSE CVE-2008-3077

arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x8664 platform leaks taskstruct references into the sys32ptrace function, which allows local users to cause a denial of service system crash or have unspecified other impact via unknown vectors, possibly a use-after-free...