Lucene search
+L

63 matches found

Prion
Prion
added 2024/02/29 6:15 a.m.19 views

Race condition

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

6.7AI score0.0018EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/02/29 6:15 a.m.35 views

CVE-2023-52480

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

7CVSS6.4AI score0.0018EPSS
Exploits0References4
OSV
OSV
added 2024/02/29 6:15 a.m.6 views

UBUNTU-CVE-2023-52480

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

7CVSS6.2AI score0.0018EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/02/29 5:43 a.m.17 views

CVE-2023-52480 ksmbd: fix race condition between session lookup and expire

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

6.7AI score0.0018EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/29 5:43 a.m.33 views

CVE-2023-52480 ksmbd: fix race condition between session lookup and expire

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

9.4AI score0.0018EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.9 views

PT-2023-9489 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition between session lookup and expire in the ksmbd component of the Linux kernel. This can lead to a use-after-free UAF condition, potentially...

9.8CVSS6.5AI score0.17442EPSS
Exploits0References167
RedHat Linux
RedHat Linux
added 2023/04/05 7:42 p.m.49 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

7.9CVSS7.2AI score0.03702EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/04/05 2:8 p.m.45 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.9CVSS7.2AI score0.0788EPSS
Exploits15References5
RedHat Linux
RedHat Linux
added 2023/04/05 2:8 p.m.11 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/04/04 9:11 a.m.9 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/04/04 6:59 a.m.10 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/27 8:33 a.m.10 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/27 8:13 a.m.10 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.4 views

SUSE CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsemdownwriteslowpath use-after-free because in rwsemcanspinonowner in kernel/locking/rwsem.c rwsemownerflags returns an already freed pointer,...

5.5CVSS6.6AI score0.00645EPSS
Exploits1References15
OSV
OSV
added 2023/01/17 6:55 p.m.14 views

GSD-2023-1001230 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/10/08 12:0 a.m.11 views

PT-2021-6407 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.3 Description: The issue is related to the use of memory after it has been freed in the Linux kernel, specifically in the fs/quota/quota tree.c component. This occurs when checking the block number in the...

9.8CVSS7.5AI score0.89063EPSS
Exploits327References1528
BDU FSTEC
BDU FSTEC
added 2020/03/18 12:0 a.m.6 views

Vulnerability of the rwsem_down_write_slowpath function (kernel/locking/rwsem.c) in the Linux operating system’s kernel, allowing a hacker to cause a service failure

The vulnerability of the rwsemdownwriteslowpath function in the Linux kernel’s locking/rwsem.c file relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00645EPSS
Exploits1References13Affected Software2
Positive Technologies
Positive Technologies
added 2020/02/24 12:0 a.m.12 views

PT-2020-1812 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.16 through 5.5.6 Description: An issue in the Linux kernel leads to an out-of-bounds read because the FDC index is not checked for errors before assigning it. This issue is related to the set fdc function in...

10CVSS7.6AI score0.78684EPSS
Exploits173References1556
UbuntuCve
UbuntuCve
added 2019/11/28 12:15 a.m.27 views

CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsemdownwriteslowpath use-after-free because in rwsemcanspinonowner in kernel/locking/rwsem.c rwsemownerflags returns an already freed pointer,...

4.4CVSS6.7AI score0.00645EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2019/05/14 8:48 p.m.111 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

5.9CVSS7AI score0.01553EPSS
Exploits0References6
Rows per page
Query Builder