4536 matches found
GSD-2022-1004644 usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
usb: gadget: lpc32xxudc: Fix refcount leak in lpc32xxudcprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.124 by commit...
GSD-2022-1004480 scsi: ibmvfc: Allocate/free queue resource only during probe/remove
scsi: ibmvfc: Allocate/free queue resource only during probe/remove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...
GSD-2022-1004395 net: stmmac: fix leaks in probe
net: stmmac: fix leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit f4bd3202a2b4194ab6c0ce61628095d54f994db4, it...
GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.
tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...
GSD-2022-1004294 usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
usb: gadget: lpc32xxudc: Fix refcount leak in lpc32xxudcprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.6 by commit...
GSD-2022-1004279 scsi: ibmvfc: Allocate/free queue resource only during probe/remove
scsi: ibmvfc: Allocate/free queue resource only during probe/remove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...
GSD-2022-1004175 net: stmmac: fix leaks in probe
net: stmmac: fix leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.13 by commit dd91bc60f305610401b2196bedb573693d6c8e46, it...
CVE-2022-36890
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2422-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2422-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...
[SECURITY] Fedora 35 Update: httprobe-0.1.2-6.fc35
Take a list of domains and probe for working HTTP and HTTPS servers...
CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
DEBIAN-CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
GSD-2022-1003983 phy: qcom-qmp: fix struct clk leak on probe errors
phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...
GSD-2022-1003980 phy: qcom-qmp: fix reset-controller leak on probe errors
phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...
GSD-2022-1003882 phy: qcom-qmp: fix reset-controller leak on probe errors
phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003864 phy: qcom-qmp: fix struct clk leak on probe errors
phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003841 tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
tcp: fix tcpmtupprobesuccess vs wrong sndcwnd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
GSD-2022-1003772 thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
thermal/drivers/broadcom: Fix potential NULL dereference in srthermalprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...