1534 matches found
CVE-2024-36957
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36899
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...
UBUNTU-CVE-2024-36957
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the octeontx2-af module avoiding reads from userspace one by one...
kernel: netfilter: nf_tables: disallow anonymous set with timeout flag
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...
SUSE CVE-2021-47360
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...
USN-6777-4: Linux kernel (HWE) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6777-4 linux-aws-hwe vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
kernel: netfilter: nf_tables: disallow anonymous set with timeout flag
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...
SUSE CVE-2021-47272
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6777-4)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6777-4 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...
CVE-2021-47326
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems
A flaw was found in KVM. When calling the KVMGETDEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvmdebugregs structure that could be copied to userspace, causing an information leak...
USN-6777-3: Linux kernel (GCP) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
USN-6777-3 linux-gcp vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...
CVE-2023-52861
In CVE-2023-52861, the Linux kernel DRM bridge it66121 had a NULL pointer dereference when no monitor is connected and the sound card is opened from userspace. The fix returns an empty EDID buffer (zeros) to the sound framework when no connector is attached, preventing the dereference and its pot...