132 matches found
SUSE CVE-2013-1957
The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace...
SUSE CVE-2016-2186
The powermateprobe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a crafted endpoints value in a USB device descriptor...
GSD-2023-1000735 mmc: moxart: fix return value check of mmc_add_host()
mmc: moxart: fix return value check of mmcaddhost This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2022-1007844 netfilter: ipset: enforce documented limit to prevent allocating huge memory
netfilter: ipset: enforce documented limit to prevent allocating huge memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...
GSD-2022-1007111 staging: greybus: audio_helper: remove unused and wrong debugfs usage
staging: greybus: audiohelper: remove unused and wrong debugfs usage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1006643 drm/msm/dp: add atomic_check to bridge ops
drm/msm/dp: add atomiccheck to bridge ops This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...
GSD-2022-1005828 powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1004255 f2fs: attach inline_data after setting compression
f2fs: attach inlinedata after setting compression This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...
DEBIAN-CVE-2022-34495
rpmsgprobe in drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel before 5.18.4 has a double free...
Vulnerability of the prealloc_elems_and_frealist function (kernel/bpf/stackmap.c) in the Linux operating system’s kernel, which allows an attacker to access confidential information or cause a service failure
The vulnerability of the preallocelemsandfrealist function kernel/bpf/stackmap.c in the Linux operating system’s kernel is related to integer overflow. Exploiting this vulnerability could allow an attacker to access confidential information or cause service failures...
GSD-2022-1001101 virtio: use virtio_device_ready() in virtio_device_restore()
virtio: use virtiodeviceready in virtiodevicerestore This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
CVE-2022-28796
jbd2journalwaitupdates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transactiont race condition...
GSD-2022-1000676 ASoC: max9759: fix underflow in speaker_gain_control_put()
ASoC: max9759: fix underflow in speakergaincontrolput This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.8 by commit...
GSD-2022-1000416 powerpc/fixmap: Fix VM debug warning on unmap
powerpc/fixmap: Fix VM debug warning on unmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11 there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
...
GSD-2021-1002537 i2c: virtio: disable timeout handling
i2c: virtio: disable timeout handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.6 by commit cc432b0727ce404cc13e8f6b5ce29f412c3f9f1f...
UVI-2021-1002022 media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
media: firewire: firedtv-avc: fix a buffer overflow in avccapmt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.158 by commit...
Code injection
In intelpmudrainpebsnhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications such as perf-fuzzer can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6...
AZL-6541 CVE-2021-28964 affecting package kernel for versions less than 5.10.78.1-1
A race condition was discovered in getoldroot in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service BUG because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc...
Vulnerability in gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c (BSC #1171982) of the Linux kernel, related to reading beyond the buffer data boundary, allowing an attacker to cause a service failure.
The vulnerability in drivers/usb/gadget/configfs.c BSC 1171982 of the Linux kernel relates to reading beyond the buffer data boundary. Exploiting this vulnerability can allow an attacker to cause service failures remotely...