2295 matches found
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-488)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-488 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disable sending iouring over sockets CVE-2023-52654 In the Linux kernel, the following vulnerability has been...
Fedora 39 : mingw-jasper (2024-f53b383648)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f53b383648 advisory. Backport fix for CVE-2023-51257. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
DEBIAN-CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
AZL-34873 CVE-2024-0646 affecting package kernel for versions less than 6.6.35.1-4
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Design/Logic Flaw
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To...
CVE-2024-0646 Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2024-0646
CVE-2024-0646 describes an out-of-bounds memory write in the Linux kernel’s Transport Layer Security path, occurring when a user calls a splice function with a ktls socket as the destination. The issue could allow a local user to crash the system or potentially escalate privileges. Connected advi...
CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
SUSE CVE-2023-51257
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
AZL-33325 CVE-2023-51257 affecting package jasper for versions less than 2.0.32-4
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
AZL-34807 CVE-2023-51257 affecting package jasper for versions less than 4.2.1-1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
CVE-2023-51257
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
Input validation
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
UBUNTU-CVE-2023-51257
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
CVE-2023-51257
CVE-2023-51257 affects Jasper-Software Jasper up to v4.1.1 (and related Jasper packages). The root cause is an invalid memory write in jas_icc.c:1333:23, enabling a local attacker to execute arbitrary code. Connected advisories show multiple vendors packaging patched Jasper releases and recommend...