CBL Mariner 2.0 Security Update: kernel (CVE-2022-2318)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2318 advisory. - There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow...

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-5682-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5682-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5668-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5668-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5648-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5648-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-5640-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5640-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Important: kernel

Issue Overview: There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges. CVE-2022-2318 Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

Design/Logic Flaw

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...

CVE-2022-2318

CVE-2022-2318 is a use-after-free vulnerability in the Linux kernel's Rose (net/rose/rose_timer.c) timer handler that can cause denial of service (crash) with local privileges. Connected advisories confirm the vulnerability affects Linux kernel releases and note fixed versions: Debian security ad...

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...