EUVD-2022-25015

Malicious code in bioql PyPI...

Use After Free

Linux Kernel is vulnerable to use after free. The vulnerability exists in nfcmrvlnciunregisterdev in main.c which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5582-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5582-1 advisory. Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2257)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5560-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5560-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2629-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2629-1 advisory. - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-fre...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP3) (SUSE-SU-2022:2262-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2262-1 advisory. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5500-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5500-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some...

SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15 SP1) (SUSE-SU-2022:2206-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2206-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when n...

SUSE SLES12 Security Update : kernel (Live Patch 23 for SLE 12 SP4) (SUSE-SU-2022:2217-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2217-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non...

SUSE SLES12 Security Update : kernel (Live Patch 31 for SLE 12 SP5) (SUSE-SU-2022:2195-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2195-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non...

SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP5) (SUSE-SU-2022:2194-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2194-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non...

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine...

Design/Logic Flaw

A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine...

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine...

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine...

CVE-2022-1734

CVE-2022-1734 affects the Linux kernel nfcmrvl NFC driver (drivers/nfc/nfcmrvl/main.c). The flaw is a use-after-free caused by a race between the cleanup path and firmware download, allowing memory corruption with local access (read/write) and potentially denial of service or privilege escalation...

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine...