9 matches found
SUSE-SU-2026:21360-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...
CVE-2022-50433 efi: ssdt: Don't free memory if ACPI table was loaded successfully
In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Don't free memory if ACPI table was loaded successfully Amadeusz reports KASAN use-after-free errors introduced by commit 3881ee0b1edc "efi: avoid efivars layer when loading SSDTs from variables". The problem appears t...
CVE-2021-46938
In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blkmqtagset in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blkmqtagset for the device fails, a followi...
kernel: lockdown: bypass through ACPI write via efivar_ssdt
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
kernel: lockdown: bypass through ACPI write via acpi_configfs
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2020-15780
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2019-20908
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
USN-3762-1: Linux kernel vulnerabilities
It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information kernel memory. CVE-2018-1118 Seunghun Han discovered an information leak in the ACPI handling code in the...
Ubuntu: Security Advisory (USN-3762-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...