Lucene search
K

141 matches found

RedHat Linux
RedHat Linux
added 2024/01/25 8:13 a.m.3 views

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00274EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/23 5:33 p.m.2 views

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00274EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.6 views

PT-2024-1091 · D Link · D-Link Dcs-8300Lhv2

Name of the Vulnerable Software and Affected Versions: D-Link DCS-8300LHV2 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Although authentication is required to exploi...

8CVSS7.6AI score0.01707EPSS
Exploits0References8
Amazon
Amazon
added 2023/12/04 12:0 a.m.10 views

Medium: virtuoso-opensource

Issue Overview: An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements. CVE-2023-31607 An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Deni...

7.5CVSS7.6AI score0.00905EPSS
Exploits19
RedHat Linux
RedHat Linux
added 2023/11/21 3:12 p.m.5 views

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00274EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.3 views

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00274EPSS
Exploits0References5
Amazon
Amazon
added 2023/11/01 12:0 a.m.8 views

Important: kernel-livepatch-4.14.322-244.539

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a...

7.8CVSS6.6AI score0.00549EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/09/19 12:0 a.m.4 views

The vulnerability of the qfq_dequeue() function in the net/sched/sch_plug.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, or enhance their privileges.

The vulnerability of the qfqdequeue function in the net/sched/schplug.c module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information, or t...

7.8CVSS6.5AI score0.00396EPSS
Exploits1References14Affected Software4
Microsoft CVE
Microsoft CVE
added 2023/09/15 7:0 a.m.8 views

Use-after-free in Linux kernel's net/sched: sch_qfq component

...

7.8CVSS6.9AI score0.00396EPSS
Exploits1
OSV
OSV
added 2023/09/12 8:15 p.m.1 views

DEBIAN-CVE-2023-4921

A use-after-free vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfqdequeue due to the incorrect .peek handler of...

7.8CVSS6.5AI score0.00396EPSS
Exploits1References1
Amazon
Amazon
added 2023/08/07 12:0 a.m.4 views

Important: kernel

Issue Overview: An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local...

7.8CVSS6.8AI score0.0616EPSS
Exploits2
OSV
OSV
added 2023/07/21 9:15 p.m.1 views

DEBIAN-CVE-2023-3611

An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. The qfqchangeagg function in net/sched/schqfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We...

7.8CVSS6.5AI score0.00274EPSS
Exploits0References1
OSV
OSV
added 2023/07/21 9:15 p.m.3 views

UBUNTU-CVE-2023-3611

An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. The qfqchangeagg function in net/sched/schqfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We...

7.8CVSS7AI score0.00274EPSS
Exploits0References27
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.2 views

PT-2025-13367 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A use-after-free issue has been identified in the Linux kernel, specifically in the sch taprio component. This issue occurs when a taprio qdisc is installed with an invalid TCA RAT...

8.8CVSS7.2AI score0.03882EPSS
Exploits20References690
Openbugbounty
Openbugbounty
added 2023/03/11 8:40 a.m.15 views

crosby-on-eden.cumbria.sch.uk Cross Site Scripting vulnerability OBB-3217584

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.1 views

PT-2023-35013 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: A potential issue exists in the Linux Kernel, specifically in the sch taprio component of the net/sched module. The problem is related to a possible use-after-free scenario. The actual impact...

7.3AI score
Exploits0References1
OSV
OSV
added 2023/01/17 9:15 p.m.7 views

AZL-13050 CVE-2022-47929 affecting package kernel for versions less than 5.15.92.1-1

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...

5.5CVSS6.6AI score0.00964EPSS
Exploits1References1
OSV
OSV
added 2023/01/17 9:15 p.m.1 views

DEBIAN-CVE-2022-47929

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service system crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdiscgraft in...

5.5CVSS6.2AI score0.00964EPSS
Exploits1References1
OSV
OSV
added 2023/01/12 7:15 a.m.1 views

DEBIAN-CVE-2023-23454

cbqclassify in net/sched/schcbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service slab-out-of-bounds read because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition rather than valid classification results...

5.5CVSS6.2AI score0.00312EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2022/12/11 9:51 a.m.15 views

redhill.bromley.sch.uk Cross Site Scripting vulnerability OBB-3094333

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder