AlmaLinux 9 : kernel-rt (ALSA-2023:0979)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0979 advisory. - An out-of-bounds memory access flaw was found in the Linux kernel Intel's iSMT SMBus host controller driver in the way a user triggers the...

RHEL 9 : kernel (RHSA-2023:0951)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0951 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by...

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2023-048-01)

The version of kernel-generic installed on the remote host is prior to 5.15.94 / 5.15.94smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-048-01 advisory. - A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fa...

SUSE CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Ubuntu 22.10 : Linux kernel (Raspberry Pi) vulnerabilities (USN-5832-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5832-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2023-025)

The version of kernel installed on the remote host is prior to 5.10.162-141.675. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-025 advisory. A vulnerability classified as problematic has been found in Linux Kernel. This affects the function...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5814-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5814-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5809-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5809-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause...

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12017)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12017 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882775 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-12006)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12006 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882780 CVE-2022-4378 - proc: avoid integer type confusion in...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12008)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12008 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12009)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12009 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-12007)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12007 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882780 CVE-2022-4378 - proc: avoid integer type confusion in...

DEBIAN-CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

UBUNTU-CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2022-4378

CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...

CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...