CVE-2022-1943

A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udfwritefi. A local user could use this flaw to crash the system or potentially...

CVE-2022-1943

A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udfwritefi. A local user could use this flaw to crash the system or potentially...

CVE-2022-1943

An out-of-bounds memory write flaw was found in the Linux kernel’s UDF file system functionality in the way a user triggers some file operations, which triggers udfwritefi. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To mitigate this...

CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

CVE-2022-30785

NTFS-3G contains a local memory read/write vulnerability triggered by a file handle created in fuse_lib_opendir and later used in fuse_lib_readdir when using libfuse-lite. The issue affects NTFS-3G up to 2021.8.22 (through libfuse-lite) and can enable arbitrary memory access. Public exploit detai...

CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

Oracle Linux 8 : kernel (ELSA-2022-1988)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1988 advisory. - netfilter: nftablesoffload: incorrect flow offload action array size Florian Westphal 2056728 CVE-2022-25636 - RDMA/cma: Do not change...

Rocky Linux 8 : kernel (RLSA-2022:1988)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1988 advisory. - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls...

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()

An out-of-bounds memory write flaw was found in the Linux kernel’s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to...

kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()

An out-of-bounds memory write flaw was found in the Linux kernel’s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to...

AMD EPYC DRTM UApp 安全漏洞

AMD EPYC is an x86 architecture server microprocessor product line from AMD Semiconductor, known in Chinese as "霄龙", which utilizes the Zen microarchitecture. A security vulnerability exists in the AMD EPYC DRTM UApp. The vulnerability arises from a partial initialization of the DRTM UApp, which...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libldb Vulnerability (NS-SA-2022-0027)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libldb packages installed that are affected by a vulnerability: - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash o...

CVE-2022-28738

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations...

CVE-2022-28738

Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2 contains a double-free in the Regexp compiler when compiling a Regexp from untrusted user input, potentially allowing memory corruption. The issue is fixed in Ruby 3.0.4 and 3.1.2+; affected releases include Ruby 3.x up to those pre-fix versions. Sever...

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2022-1689)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2022-0015)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl...

NewStart CGSL MAIN 6.02 : kernel Vulnerability (NS-SA-2022-0068)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by a vulnerability: - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP...

CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

DEBIAN-CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...