Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: PowerClamp: Fixing a mismatch in the get function for maxIdle. KASAN reported this issue. 444.853098 BUG: KASAN: Global-out-of-bounds access in paramgetint+0x77/0x90 444.853111 A size 4 value was read from the...

CVE-2022-50814

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BUG: KASAN: global-out-of-bounds in paramgetint+0x34/0x60 17619.673193 Read of size 4 at addr fffff01332d7ed00 by task readall/1507958...

UBUNTU-CVE-2022-50814

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BUG: KASAN: global-out-of-bounds in paramgetint+0x34/0x60 17619.673193 Read of size 4 at addr fffff01332d7ed00 by task readall/1507958...

CVE-2022-50814

CVE-2022-50814 affects the Linux kernel crypto driver hisilicon/zip, where a mismatch in the sgl_sge_nr variable (type u16) occurs when reading/writing via param_get/set_int, triggering a KASAN global-out-of-bounds read. The documented fix is to replace param_get/set_int with param_get/set_ushort...

EUVD-2022-39487

Malicious code in bioql PyPI...

SUSE CVE-2023-52794

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for maxidle KASAN reported this 444.853098 BUG: KASAN: global-out-of-bounds in paramgetint+0x77/0x90 444.853111 Read of size 4 at addr ffffffffc16c9220 by task cat/2105...

kernel: use-after-free after failed devlink reload in devlink_param_get

A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...

The vulnerability of the devlink_param_set/devlink_param_get function (net/core/devlink.c) in the Linux operating system’s IPsec kernel component, which allows a attacker to execute arbitrary code

The vulnerability of the devlinkparamset/devlinkparamget function net/core/devlink.c in the Linux kernel of the IPsec component is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2021-31655

Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...