EUVD-2022-45787

Malicious code in bioql PyPI...

Fedora 35 : kernel (2022-b948fc3cfb)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b948fc3cfb advisory. The 101/201/301 builds of the 5.19.15 kernel contain fixes for some wireless network vulnerabilities and a couple of important arm bug fixes. ---- T...

Ubuntu 22.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5752-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5752-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-fr...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5700-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5700-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5691-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5691-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a...

SUSE-SU-2022:3628-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002411 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed buffer overflow that can be triggered by injected WLAN frames bsc1203994. - CVE-2022-42719: Fixed use-after-free in the mac80211 stack when parsing a...

SUSE-SU-2022:3607-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024129 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed buffer overflow that can be triggered by injected WLAN frames bsc1203994. - CVE-2022-42719: Fixed use-after-free in the mac80211 stack when parsing a...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2022:3605-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3605-1 advisory. This update for the Linux Kernel 5.14.21-1504002418 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed...

SUSE-SU-2022:3601-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002421 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed buffer overflow that can be triggered by injected WLAN frames bsc1203994. - CVE-2022-42719: Fixed use-after-free in the mac80211 stack when parsing a...

[ASA-202210-3] linux-lts: multiple issues

Arch Linux Security Advisory ASA-202210-3 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux-lts Type : multiple issues Remote : Yes Link :...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.1 through 5.19.14, which stems from a list management vulnerability handled by BSS in the mac80211 stack that could b...

CVE-2022-42721

CVE-2022-42721 is a local, WLAN-frame–triggered vulnerability in the Linux kernel mac80211/BSS handling (linked-list corruption in net/wireless/scan.c; cfg80211_add_nontrans_list) affecting 5.1–5.19.x prior to 5.19.16. Exploitation could enable code execution via crafted frames; patches exist in ...

CVE-2022-42721

A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to corrupt a linked list and, in turn, potentially execute code...