Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5515-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5515-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in...

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1988)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible...

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1958)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible...

GSD-2022-1004014 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

drm/rockchip: vop: fix possible null-ptr-deref in vopbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...

GSD-2022-1003917 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

drm/rockchip: vop: fix possible null-ptr-deref in vopbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...

GSD-2022-1003630 mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()

mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...

GSD-2022-1003624 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

drm/rockchip: vop: fix possible null-ptr-deref in vopbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...

GSD-2022-1003490 iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()

iommu/arm-smmu: fix possible null-ptr-deref in armsmmudeviceprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.122 by commit...

GSD-2022-1003420 mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()

mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

GSD-2022-1003416 mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe()

mtd: rawnand: intel: fix possible null-ptr-deref in ebunandprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

GSD-2022-1003130 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

drm/rockchip: vop: fix possible null-ptr-deref in vopbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

GSD-2022-1003051 pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()

pinctrl: renesas: rzn1: Fix possible null-ptr-deref in shpfcmapresources This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

GSD-2022-1003048 pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()

pinctrl: renesas: core: Fix possible null-ptr-deref in shpfcmapresources This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

GSD-2022-1003020 iwlwifi: mei: fix potential NULL-ptr deref

iwlwifi: mei: fix potential NULL-ptr deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

GSD-2022-1002945 amt: fix possible null-ptr-deref in amt_rcv()

amt: fix possible null-ptr-deref in amtrcv This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...

GSD-2022-1002916 iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()

iommu/arm-smmu: fix possible null-ptr-deref in armsmmudeviceprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...

GSD-2022-1002782 mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()

mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

GSD-2022-1002702 mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()

mfd: davincivoicecodec: Fix possible null-ptr-deref davincivcprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

SUSE: Security Advisory (SUSE-SU-2022:2083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

move_elements can double-free objects on panic

Affected versions of scratchpad used ptr::read to read elements while calling a user provided function f on them. Since the pointer read duplicates ownership, a panic inside the user provided f function could cause a double free when unwinding. The flaw was fixed in commit 891561bea by removing t...