CVE-2022-26452

CVE-2022-26452 affects the isp component, describing a use-after-free caused by improper locking. The vulnerability enables local escalation of privilege with System execution privileges required and does not require user interaction. The available connected documents consistently cite a patch id...

PT-2022-17886 · Vdec Fmt · Vdec Fmt

Name of the Vulnerable Software and Affected Versions: vdec fmt affected versions not specified Description: The issue is related to a possible use after free due to improper locking in vdec fmt. This could lead to local escalation of privilege, with System execution privileges needed. User...

PT-2022-17863 · Isp · Isp

Name of the Vulnerable Software and Affected Versions: isp affected versions not specified Description: The issue is related to a possible use after free due to improper locking, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and user...

MediaTek 芯片安全漏洞

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world...

Linux kernel denial of service vulnerability (CNVD-2022-68087)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from improper locking, a race condition flaw has been found in the Linux kernel sound subsystem, which m...

Design/Logic Flaw

In ambiot amb1sdk aka SDK for Ameba1 before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection with four-way handshake failures in Soft AP mode...

CVE-2022-3303

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTLDSPSYNC ioctl. A privileged local user root or member of the audio group could use this flaw to crash the system, resulting in a denial...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from improper locking, a race condition flaw has been found in the Linux kernel sound subsystem, which m...

CVE-2022-3303

CVE-2022-3303 is a race-condition vulnerability in the Linux kernel sound subsystem (SNDCTL_DSP_SYNC ioctl) that can cause a NULL pointer dereference and denial of service via a locally privileged user. The issue affects the Linux kernel’s sound code path and can crash the system, potentially ena...

CVE-2022-34326

In ambiot amb1sdk aka SDK for Ameba1 before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection with four-way handshake failures in Soft AP mode...

FreeBSD Kernel Netmap Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

GSD-2022-1006221 powerpc/pci: Fix get_phb_number() locking

powerpc/pci: Fix getphbnumber locking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

GSD-2022-1006114 powerpc/pci: Fix get_phb_number() locking

powerpc/pci: Fix getphbnumber locking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1005975 powerpc/pci: Fix get_phb_number() locking

powerpc/pci: Fix getphbnumber locking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit ccb0a42d3f40c436295e0fef57ab613ae5b925a...

GSD-2022-1005742 rxrpc: Fix locking in rxrpc's sendmsg

rxrpc: Fix locking in rxrpc's sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.140 by commit...

GSD-2022-1005502 powerpc/pci: Fix get_phb_number() locking

powerpc/pci: Fix getphbnumber locking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit 1d9e75c3d8cdf7c96a94cb77450d4ee070279e6...

PT-2022-34479 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.291 Description: The issue concerns a locking problem in the get phb number function. The actual impact and potential for attack have not been proven yet. Recommendations: For versions prior to v4.14.291,...

PT-2022-34372 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: The issue concerns a locking problem in the get phb number function. The actual impact and potential for attack have not been proven yet. Recommendations: For versions prior to v4.19.256,...

PT-2022-34000 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.15 through 5.10.139 Description: The issue concerns a locking problem in the rxrpc's sendmsg function. The actual impact and potential for attack have not been proven yet. Recommendations: For Linux Kernel versions 4.1...

PT-2022-34233 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue concerns a locking problem in the get phb number function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...