TencentOS Server 4: firefox (TSSA-2025:0616)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0616 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

SUSE CVE-2004-0964

Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file...

PT-2022-35389 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue concerns a send buffer overflow in NFSv3 READDIR. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.75,...

PT-2022-33765 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue is related to a potential buffer overflow caused by the snprintf function in the ASoC: SOF: Intel: hda driver. The actual impact and attack plausibility have not yet been proven...

PT-2022-33325 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the smb3 protocol, where the check for xattr value length is performed earlier. The actual impact and attack plausibility have not yet been proven. Recommendations: F...

Vulnerability fixed in VMWare Tools

VMWare has fixed a vulnerability in VMWare Tools. A malicious person with user privileges in a virtual machine VM can exploit the vulnerability to grant himself elevated privileges and execute code with local administrator privileges in the vulnerable virtual machine. As far as is known, the...

AZL-9120 CVE-2022-27666 affecting package kernel for versions less than 5.15.32.1-3

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 5.2, which leads to the execution of arbitrary code and escalation of privileges in the kernel context...

Linux kernel denial of service vulnerability (CNVD-2019-45881)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in Linux kernel versions prior to 5.4.2. The vulnerability stems from...

kernel: rds-ping cause kernel panic

The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service BUGON and kernel panic by establishing an RDS connection with the source IP address equal to the IPoIB...

kernel: Unix sockets kernel panic

The scmdestroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service panic via vectors related to sending an SCMRIGHTS message through a UNIX...

kernel Race condition in mincore can cause "ps -ef" to hang

The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...