AZL-31566 CVE-2023-45898 affecting package kernel for versions less than 5.15.135.1-2
The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent...
AZL-31567 CVE-2023-45871 affecting package kernel for versions less than 5.15.135.1-2
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU...
AZL-31271 CVE-2023-42754 affecting package kernel for versions less than 5.15.135.1-2
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges t...
AZL-29941 CVE-2023-2163 affecting package kernel for versions less than 5.15.133.1-1
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...
CVE-2023-27373
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM...
AZL-27761 CVE-2023-33951 affecting package kernel for versions less than 5.15.135.1-2
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...
AZL-27537 CVE-2023-38428 affecting package kernel for versions less than 5.15.122.1-2
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...
CVE-2023-27499
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure...
Insyde InsydeH2O buffer error vulnerability
Insyde InsydeH2O is a C-language code base from Insyde Corporation of Taiwan that implements the EFI/UEFI specification, designed to replace the traditional BIOS (Basic Input/Output System). A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 to 5.5, which...
Insyde InsydeH2O buffer error vulnerability
Insyde InsydeH2O is a C-language code base from Insyde Corporation of Taiwan that implements the EFI/UEFI specification, designed to replace the legacy BIOS (Basic Input/Output System). A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 to 5.5, which...
SAP GUI cross-site scripting vulnerability
SAP GUI is a graphical user interface for SAP systems from SAP, a German company. A cross-site scripting vulnerability exists in SAP GUI for HTML, which stems from not adequately sanitizing user-controlled input. The following versions are affected: KERNEL versions 7.22, 7.53, 7.54...
PT-2023-2392 · Insyde · Insydeh2O
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O with kernel versions 5.0 through 5.5
Description: An issue was discovered in IhisiSmm that may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, coercing an IHISI subfunction...
AZL-26033 CVE-2023-1855 affecting package kernel for versions less than 5.15.107.1-2
A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem...
AZL-25798 CVE-2023-1079 affecting package kernel for versions less than 5.15.102.1-3
A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by...
AZL-25690 CVE-2023-1281 affecting package kernel for versions less than 5.15.102.1-3
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can u...
Ez Systems eZ Platform security vulnerability
Ez Systems eZ Platform is a content management system (CMS) based on the Symfony framework from Ez Systems, Norway. A security vulnerability exists in Ez Systems eZ Publish Ibexa Kernel versions prior to 7.5.15.1, which stems from misuse of the /user/sessions endpoint to determine if an account...
AZL-25611 CVE-2023-23004 affecting package kernel for versions less than 5.15.102.1-1
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer)...
AZL-13824 CVE-2023-22997 affecting package kernel for versions less than 5.15.111.1-1
In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer)...