89 matches found
CVE-2022-2318
CVE-2022-2318 is a use-after-free vulnerability in the Linux kernel's Rose (net/rose/rose_timer.c) timer handler that can cause denial of service (crash) with local privileges. Connected advisories confirm the vulnerability affects Linux kernel releases and note fixed versions: Debian security ad...
CVE-2022-2318
There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...
PT-2022-5551 · Linux +5 · Linux +5
Name of the Vulnerable Software and Affected Versions: linux affected versions not specified Description: The issue is related to use-after-free vulnerabilities caused by a timer handler in the net/rose/rose timer.c component of the Linux kernel. This allows attackers to crash the Linux kernel...
PT-2021-8031 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.4 Description: A use-after-free vulnerability has been identified in the Linux kernel. The issue arises when the ipv4 mib exit net function is called before tcp sk exit batch during the destruction of a net...
ACRN post-release reuse vulnerability (CNVD-2021-49149)
ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A post-release reuse vulnerability exists in the polling timer handler in ACRN related to devicemodel/hw/pci/virtio/.c. The vulnerability is not known. No detailed...
Design/Logic Flaw
The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/.c...
CVE-2021-36144
CVE-2021-36144 affects the ACRN hypervisor prior to 2.5. The issue is described as a use-after-free involving a freed virtio device in the polling timer handler, within devicemodel/hw/pci/virtio/*.c. The connected sources confirm this root cause and timeline, but do not provide exploitation detai...
ACRN 资源管理错误漏洞
ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A post-release reuse vulnerability exists in the polling timer handler in ACRN related to devicemodel/hw/pci/virtio/.c. The vulnerability is not known. No detailed...
PT-2024-11352 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the nicstar cleanup function. The problem arises because the del timer function does not wait for the timer handler to finish, whic...