EUVD-2022-33328

Malicious code in bioql PyPI...

CVE-2022-49928 SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed There is a null-ptr-deref when xps sysfs alloc failed: BUG: KASAN: null-ptr-deref in sysfsdocreatelinksd+0x40/0xd0 Read of size 8 at addr 0000000000000030 by task gssproxy/45...

kernel: use after free in SUNRPC subsystem

A use-after-free flaw was found in the Linux kernel’s net/sunrpc/xprt.c function in the Remote Procedure Call SunRPC protocol. This flaw allows a local attacker to crash the system, leading to a kernel information leak issue...

Oracle Linux 9 : kernel (ELSA-2022-8267)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Wander Lairson Costa 2116968 CVE-2022-2585 - fix race between exititimers and...

RHEL 9 : kernel (RHSA-2022:8267)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8267 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or...

kernel: use after free in SUNRPC subsystem

A use-after-free flaw was found in the Linux kernel’s net/sunrpc/xprt.c function in the Remote Procedure Call SunRPC protocol. This flaw allows a local attacker to crash the system, leading to a kernel information leak issue...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5582-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5582-1 advisory. Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5566-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5566-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a rout...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5544-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5544-1 advisory. It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to...

Debian DSA-5161-1 : linux - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5161 advisory. Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-0494 Th...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

...

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

DEBIAN-CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

AZL-9332 CVE-2022-28893 affecting package kernel for versions less than 5.15.41.1-1

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

UBUNTU-CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

Code injection

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...