1233 matches found
PT-2022-33848 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: A potential memory leak was identified in the qedr alloc mr function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
GSD-2022-1005055 ice: xsk: prohibit usage of non-balanced queue id
ice: xsk: prohibit usage of non-balanced queue id This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...
GSD-2022-1004978 Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
Input: iforce - wake up after clearing IFORCEXMITRUNNING flag This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
GSD-2022-1004972 vt: Clear selection before changing the font
vt: Clear selection before changing the font This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
GSD-2022-1004963 tty: n_gsm: avoid call of sleeping functions from atomic context
tty: ngsm: avoid call of sleeping functions from atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
PT-2022-33420 · Apparmor · Apparmor
Name of the Vulnerable Software and Affected Versions: apparmor versions prior to v5.19.4 Description: A memory leak issue exists in the aa simple write to buffer function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v5.19.4, update t...
PT-2022-33342 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the ext4 file system, where a block range must be validated before use in the ext4 mb clear bb function. The actual impact and attack plausibility have not yet been...
PT-2022-33357 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the gadgetfs ep io, where it waits until IRQ finishes. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-33368 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.18 through 5.19.3 Description: The issue is related to preventing underflow when computing packet sizes in the drm/sun4i dsi component. The actual impact and attack plausibility have not yet been proven. Recommendation...
PT-2022-33493 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the cdns3 gadget driver in the Linux Kernel. It involves the assignment of 'priv ep' in the cdns3 gadget ep dequeue and cdns3 gadget ep enable functions. The actual...
PT-2022-33639 · Linux · Kvm
Name of the Vulnerable Software and Affected Versions: KVM versions prior to v5.19.2 Description: The issue concerns the nVMX snapshot pre-VM-Enter BNDCFGS for the !nested run pending case. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-007)
The version of kernel installed on the remote host is prior to 5.15.59-33.133. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-007 advisory. An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a...
PT-2024-11768
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc3+ Description The issue arises from the psb gem unpin function calling dma resv lock while the underlying ww mutex is destroyed by drm gem object release. To fix this, the drm gem object release call in...
AZL-10793 CVE-2022-1205 affecting package kernel for versions less than 5.15.67.1-4
A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system...
CVE-2022-23238
Linux deployments of StorageGRID formerly StorageGRID Webscale versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email...
GSD-2022-1004926 xen/netfront: force data bouncing when backend is untrusted
xen/netfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.322 by commit...
GSD-2022-1004420 dmaengine: pl330: Fix lockdep warning about non-static key
dmaengine: pl330: Fix lockdep warning about non-static key This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.54 by commit...
GSD-2022-1004368 x86/speculation: Disable RRSBA behavior
x86/speculation: Disable RRSBA behavior This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.57 by commit...
GSD-2022-1004333 tcp: Fix a data-race around sysctl_tcp_early_retrans.
tcp: Fix a data-race around sysctltcpearlyretrans. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...
GSD-2022-1004227 powerpc/memhotplug: Add add_pages override for PPC
powerpc/memhotplug: Add addpages override for PPC This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.10 by commit...