39 matches found
Medium: kernel
Issue Overview: drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case. CVE-2022-40768 Affected Packages: kernel Note: This advisory is applicable to Amazon...
Important: kernel
Issue Overview: A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function securityinodealloc to fail with following call to function nilfsmdtdestroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...
The vulnerability of the stex_queuecommand_lck() function in Linux operating systems allows a hacker to gain unauthorized access to protected information.
The vulnerability of the stexqueuecommandlck function in Linux operating systems is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
...
DEBIAN-CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
AZL-10978 CVE-2022-40768 affecting package kernel for versions less than 5.15.82.1-1
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
UBUNTU-CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
PT-2022-4893 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.19.9 Description: The issue is related to the stex queuecommand lck function in the Linux kernel, which is associated with the disclosure of information in an error data area. This can allow an attacker to gain...
Logic Flaw Vulnerability in STeX Exchange ICO
The STeX Exchange ICO STE is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in STE's smart contract implementation. An attacker could exploit this vulnerability to prevent the seller from accessing the assets due to the exchange...
CVE-2018-14088
An issue was discovered in a smart contract implementation for STeX White List STEWL, an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount 1000000000000000" will cause an integer overflow in withdrawToFounders...
Integer overflow
An issue was discovered in a smart contract implementation for STeX White List STEWL, an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount 1000000000000000" will cause an integer overflow in withdrawToFounders...
CVE-2018-14088
The CVE-2018-14088 issue affects the STeX White List (STE(WL)) Ethereum token smart contract. A vulnerability in withdrawToFounders() arises from an integer overflow when the owner sets amount to a large value, causing amount * 1000000000000000 to overflow. The available sources confirm the overf...
STeX White List Integer Overflow Vulnerability
STeX White List STEWL is an Ether-based digital currency. An integer overflow vulnerability exists in the 'withdrawToFounders' function in the smart contract implementation of STEWL. No detailed vulnerability details are provided at this time...
CVE-2018-13198
The sell function of a smart contract implementation for STeX Exchange ICO STE, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...
Integer overflow
The sell function of a smart contract implementation for STeX Exchange ICO STE, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...
CVE-2018-13198
The CVE-2018-13198 entry concerns a smart contract vulnerability in the STeX Exchange ICO (STE) on Ethereum. The issue is an integer overflow in the sell function, where multiplication of amount by sellPrice can result in zero, thereby reducing a seller’s assets. Documents confirm the affected co...
CVE-2018-13198
The sell function of a smart contract implementation for STeX Exchange ICO STE, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...