7 matches found
kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
A use-after-free vulnerability was found in the traffic control index filter tcindex in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation...
USN-6070-1 linux-azure-fde-5.15, linux-raspi vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
OESA-2023-1251 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An out-of-boundsOOB memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker...
The vulnerability of the indexing filter of the traffic control system tcindex (net/sched/cls_tcindex.c) in the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the indexing filter in the tcindex traffic control system net/sched/clstcindex.c in the Linux operating system is related to improper handling of filters, resulting in the re-release of previously released memory. Exploiting this vulnerability can allow an attacker to increas...
OESA-2023-1197 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return...
USN-5977-1 linux-oem-6.0 vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the KVM VMX...
Important: kernel
Issue Overview: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L...