137 matches found
USN-6777-3 linux-gcp vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
CLSA-2024-1716270232 Fix of 48 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in...
Ubuntu: Security Advisory (USN-6777-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6777-2: Linux kernel (Azure) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6766-3: Linux kernel (AWS) vulnerabilities
It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service system crash. CVE-2024-1151 Sander Wiebing, Alvise de Faveri Tron, Herbert...
USN-6778-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6767-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service system crash. CVE-2024-23849 Several security issues were discovered in the Linux kernel. An attacker...
USN-6767-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service system crash. CVE-2024-23849 Several security issues were discovered in the Linux kernel. An attacker...
The vulnerabilities of the llcp_sock_connect() and llcp_sock_bind() functions in the NFC subsystem of Linux kernel allow attackers to cause service failures or disclose protected information.
The vulnerability of the llcpsockconnect and llcpsockbind functions in the NFC subsystem of Linux kernel is related to the use of memory after it is freed, resulting in the same object being assigned to two different sockets. Exploiting this vulnerability can allow an attacker to cause a service...
PT-2023-35263 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, where it does not wait for out urb's completion. This could potentially lead to security...
PT-2023-35313 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.229 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, specifically the pn533 driver. It involves waiting for out urb's completion. The actual impact...
PT-2023-34907 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.270 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, where it does not wait for out urb's completion. This could potentially lead to security...
PT-2023-34867 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, specifically with the pn533 driver. It involves waiting for the completion of out urb in this...
PT-2023-34891 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.229 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, where it does not wait for out urb's completion. This could potentially lead to security...
PT-2023-34834 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.89 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, specifically the pn533 driver. It involves waiting for out urb's completion. The actual impact...
PT-2023-33286 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: The issue concerns a bounds check in the nfc target arrays within the nci component of the NFC subsystem. It was introduced in version v3.4 and fixed in version v5.10.159. The actual impac...
USN-5582-1: Linux kernel (Azure CVM) vulnerabilities
Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. CVE-2022-34918 Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux...
USN-5560-1: Linux kernel vulnerabilities
Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...
USN-5518-1: Linux kernel vulnerabilities
It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...
USN-5513-1: Linux kernel (AWS) vulnerabilities
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...