PT-2022-35060 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to some leaks in the probe function of the dwc3 core in the Linux Kernel's USB component. The actual impact and attack plausibility have not yet been proven...

PT-2022-35774 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: A refcount leak bug was found in the qcom smsm probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-36756 · Git +1 · Util-Linux

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the merge utf16be ascii, probe isoNUMBER, and superblock...

kernel: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

kernel: RDMA/hfi1: Prevent use of lock before it is initialized

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata will attempt to use a lock that has not been initialized. If th...

kernel: memory leak in drivers/hid/hid-elo.c

A memory leak flaw was found in eloprobe in drivers/hid/hid-elo.c in the Human Interface Devices HID in the Linux kernel. This issue allows an attacker to cause a denial of service when hidparse in eloprobe fails...

CVE-2022-41552

Server-Side Request Forgery SSRF vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Data Center Analytics, Analytics probe components, Hitachi Ops Center Analyzer on Linux Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components allows Server Side...

Code injection

It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services...

UBUNTU-CVE-2022-3577

An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigbenprobe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben...

Security Bulletin: Vulnerability in Net-SNMP affects Netcool/OMNIbus SNMP Probe (CVE-2015-5621)

Summary Netcool/OMNIbus SNMP Probe is vulnerable to a denial of service, caused by Net-SNMP. Vulnerability Details CVEID: CVE-2015-5621 DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by incompletely parsed varBind variables being left in the list of variables by the snmppdupar...

OESA-2022-1967 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.CVE-2022-40307 A flaw use after free in the Linux kernel video4linux driver wa...

Unbreakable Enterprise kernel security update

5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...

CVE-2022-3239

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xxusbprobe for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...

UBUNTU-CVE-2022-3239

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xxusbprobe for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...

GSD-2022-1006171 bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe()

bus: hisilpc: fix missing platformdeviceput in hisilpcacpiprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1006161 media: tw686x: Register the irq at the end of probe

media: tw686x: Register the irq at the end of probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1006029 wifi: libertas: Fix possible refcount leak in if_usb_probe()

wifi: libertas: Fix possible refcount leak in ifusbprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005994 firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails

firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005713 misc: fastrpc: fix memory corruption on probe

misc: fastrpc: fix memory corruption on probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.142 by commit...

PT-2022-34284 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to a refcount leak in the of flash probe versatile function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...