15 matches found
EUVD-2022-54634
Malicious code in bioql PyPI...
CVE-2022-49599 tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49594 tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpmtuprobefloor. While reading sysctltcpmtuprobefloor, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49587
The CVE-2022-49587 entry concerns a data-race in the Linux kernel related to reading sysctl_tcp_notsent_lowat, which could be modified concurrently. The fix is to add READ_ONCE() to the reader, addressing a sysctl data-race in the tcp stack. The vulnerability is rated with CVSS v3.1 metrics indic...
CVE-2022-49575
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpthinlineartimeouts. While reading sysctltcpthinlineartimeouts, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49572 tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpslowstartafteridle. While reading sysctltcpslowstartafteridle, it can be changed concurrently. Thus, we need to add READONCE to its readers...
USN-5779-1 linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5779-1: Linux kernel (Azure) vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5756-3 linux-azure, linux-azure-5.4 vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
USN-5755-2 linux-gcp-5.15, linux-gke, linux-gke-5.15 vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5755-2: Linux kernel vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5757-2 linux-aws-hwe, linux-gcp, linux-hwe, linux-oracle vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
USN-5756-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
USN-5755-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5754-1: Linux kernel vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 It was discovered that a memory...