Lucene search
K

217 matches found

RedHat Linux
RedHat Linux
added 2023/03/27 8:38 a.m.5 views

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/03/27 8:15 a.m.2 views

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/03/27 8:13 a.m.3 views

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/03/27 8:7 a.m.11 views

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00456EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3535

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending invalid packets to a VxLAN interface...

7.8CVSS7.7AI score0.0415EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-7191

In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows local users to cause a denial of service NULL pointer dereference and panic via an ioctlTUNSETIFF call with a dev name containing a / character. This is similar to...

5.5CVSS6.4AI score0.00654EPSS
Exploits1References16
OSV
OSV
added 2022/09/17 12:21 a.m.8 views

GSD-2022-1005719 net/sched: fix netdevice reference leaks in attach_default_qdiscs()

net/sched: fix netdevice reference leaks in attachdefaultqdiscs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.142 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.4 views

PT-2022-33977 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.142 Description: A potential issue exists in the Linux Kernel related to netdevice reference leaks in the attach default qdiscs function. The actual impact and attack plausibility have not yet been proven...

7.3AI score
Exploits0References1
OSV
OSV
added 2022/09/16 11:55 p.m.11 views

GSD-2022-1005406 net/sched: fix netdevice reference leaks in attach_default_qdiscs()

net/sched: fix netdevice reference leaks in attachdefaultqdiscs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.66 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/16 11:23 p.m.10 views

GSD-2022-1004983 net/sched: fix netdevice reference leaks in attach_default_qdiscs()

net/sched: fix netdevice reference leaks in attachdefaultqdiscs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/01/01 12:0 a.m.10 views

PT-2025-8055

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue has been resolved in the Linux kernel. The problem occurs when ref tracker dir init is called, and the struct ref tracker dir is marked as dead. To detect this...

7.8CVSS6.4AI score0.00234EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2021/12/17 12:0 a.m.10 views

PT-2021-8138 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a double-free issue in the tun free netdev function. This issue can be exploited to execute arbitrary code and elevate privileges. The problem arises fr...

7.8CVSS7.7AI score0.08555EPSS
Exploits13References1756
Positive Technologies
Positive Technologies
added 2021/06/17 12:0 a.m.7 views

PT-2024-11245

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak vulnerability has been resolved in the Linux kernel. The issue was caused by a missing free netdev call in the mkiss close function, which led to a memory leak when the mki...

5.5CVSS6.6AI score0.00226EPSS
Exploits0
OSV
OSV
added 2019/05/17 5:29 a.m.1 views

DEBIAN-CVE-2018-7191

In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows local users to cause a denial of service NULL pointer dereference and panic via an ioctlTUNSETIFF call with a dev name containing a / character. This is similar to...

5.5CVSS6AI score0.00654EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2017/05/26 12:0 a.m.90 views

kernel security, bug fix, and enhancement update

3.10.0-514.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.1 - kernel sched/core: Fix an SMP ordering race in trytowakeup vs...

9.3CVSS7.4AI score0.17827EPSS
Exploits18
Prion
Prion
added 2014/09/28 7:55 p.m.19 views

Null pointer dereference

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending invalid packets to a VxLAN interface...

7.8CVSS6.9AI score0.0415EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2014/09/28 7:0 p.m.28 views

CVE-2014-3535

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending invalid packets to a VxLAN interface...

7.8CVSS8AI score0.0415EPSS
Exploits1
Rows per page
Query Builder