36 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A issue was discovered in the Linux kernel before version 5.19. In the pxa3xxgcuwrite function in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict between sizet and int, which causes an integer overflow and bypasses the size check. Additionally, since this parameter is us...
USN-6007-1: Linux kernel (GCP) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
SUSE CVE-2022-39842
An issue was discovered in the Linux kernel before 5.19. In pxa3xxgcuwrite in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of sizet versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to...
USN-5865-1: Linux kernel (Azure) vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...
USN-5862-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...
USN-5861-1: Linux kernel (Dell300x) vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5854-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5854-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...
Ubuntu 18.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-5862-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5862-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...
ASB-A-245928838
In pxa3xxgcuwrite of pxa3xx-gcu.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
USN-5791-3 linux-azure-5.4, linux-azure-fde vulnerabilities
It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...
USN-5792-2: Linux kernel vulnerabilities
Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-1 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...
USN-5792-1: Linux kernel vulnerabilities
Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...
Important: kernel
Issue Overview: In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and iouring. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2022-2602 A flaw was found in hw. The unprotected alternative channel of return bran...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV. CVE-2022-0171 A...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...
OESA-2022-1985 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.CVE-2022-1184 An issue was...
OESA-2022-1927 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel before 5.19. In pxa3xxgcuwrite in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of sizet versus int, causing an integer overflow and bypassing the size check...