1233 matches found
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-028 (ALASKERNEL-5.4-2022-028)
The version of kernel installed on the remote host is prior to 5.4.201-111.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-028 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for...
Linux kernel 信息泄露漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of the Linux kernel prior to 3.1, which originated from allowing local users to obtain sensitive keystroke information by accessing...
PT-2022-3915 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.18.9 Description: A type confusion bug in nft set elem init leading to a buffer overflow could be used by a local attacker to escalate privileges. The attacker can obtain root access, but must start with an...
GSD-2022-1003899 md/bitmap: don't set sb values if can't pass sanity check
md/bitmap: don't set sb values if can't pass sanity check This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003795 drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel...
GSD-2022-1003719 netfilter: nf_tables: memleak flow rule from commit path
netfilter: nftables: memleak flow rule from commit path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...
GSD-2022-1003684 NFSv4: Don't hold the layoutget locks across multiple RPC calls
NFSv4: Don't hold the layoutget locks across multiple RPC calls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...
GSD-2022-1003554 dlm: fix plock invalid read
dlm: fix plock invalid read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit 899bc4429174861122f0c236588700a4710c1fec, it was...
GSD-2022-1003192 netfilter: nf_tables: disallow non-stateful expression in sets earlier
netfilter: nftables: disallow non-stateful expression in sets earlier This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.13 by commit...
GSD-2022-1003095 arm64: stackleak: fix current_top_of_stack()
arm64: stackleak: fix currenttopofstack This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
GSD-2022-1003056 soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
soc: ti: tiscipmdomains: Check for null return of devmkcalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
GSD-2022-1002948 bpf, arm64: Clear prog->jited_len along prog->jited
bpf, arm64: Clear prog-jitedlen along prog-jited This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2022-1002887 staging: rtl8712: fix uninit-value in usb_read8() and friends
staging: rtl8712: fix uninit-value in usbread8 and friends This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2022-1002763 arm64: stackleak: fix current_top_of_stack()
arm64: stackleak: fix currenttopofstack This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
GSD-2022-1002694 smb3: check for null tcon
smb3: check for null tcon This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit cc45e3b25540a237c12d5ff601c49e3f2004d5c4. For more...
GSD-2022-1002627 tipc: check attribute length for bearer name
tipc: check attribute length for bearer name This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
GSD-2022-1002579 net/mlx5: E-Switch, pair only capable devices
net/mlx5: E-Switch, pair only capable devices This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
CVE-2022-28388 affecting package kernel for versions less than 5.15.37.1-2
CVE-2022-28388 affecting package kernel for versions less than 5.15.37.1-2. A patched version of the package is available...
CVE-2021-22556
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...
CVE-2021-22556 Integer Overflow in Fuchsia Kernel
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...