77 matches found
CVE-2020-23595
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint...
GSD-2023-1001894 perf/x86/amd: fix potential integer overflow on shift of a int
perf/x86/amd: fix potential integer overflow on shift of a int This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...
PT-2023-34970 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.6 through v6.1.8 Description: The issue is related to a potential integer overflow on shift of an int in the perf/x86/amd component. The actual impact and attack plausibility have not yet been proven. Recommendations:...
GSD-2023-1000676 uio: uio_dmem_genirq: Fix missing unlock in irq configuration
uio: uio_dmem_genirq: Fix missing unlock in irq configuration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000407 gpio: sifive: Fix refcount leak in sifive_gpio_probe
gpio: sifive: Fix refcount leak in sifive_gpio_probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...
PT-2023-33547 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.6 through v6.0.17 Description: The issue is related to an out-of-bound write on action data.var ref idx. It was introduced in version v5.6 and fixed in version v6.0.18. The actual impact and attack plausibility have n...
GSD-2022-1008038 tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...
GSD-2022-1007897 tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...
GSD-2022-1007894 tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()
tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15....
GSD-2022-1007760 io_uring: calculate CQEs from the user visible value
io_uring: calculate CQEs from the user visible value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...
PT-2022-35976 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.6 through v6.0.9 Description: A memory leak issue was discovered in the tracing component, specifically in the test_gen_synth_cmd and test_empty_synth_event functions. This issue was introduced in version v5.6 and is...
GSD-2022-1006532 dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.12 by commit...
GSD-2022-1006488 dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0 by commit...
GSD-2022-1005615 wireguard: allowedips: don't corrupt stack when detecting overflow
wireguard: allowedips: don't corrupt stack when detecting overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
GSD-2022-1005268 wireguard: allowedips: don't corrupt stack when detecting overflow
wireguard: allowedips: don't corrupt stack when detecting overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1004477 netfilter: use get_random_u32 instead of prandom
netfilter: use get_random_u32 instead of prandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...
GSD-2022-1003564 dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
dmaengine: idxd: Fix the error handling path in idxd_cdev_register() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...
GSD-2022-1003025 dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
dmaengine: idxd: Fix the error handling path in idxd_cdev_register() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
GSD-2022-1001856 drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...
GSD-2022-1001758 wireguard: socket: free skb in send6 when ipv6 is disabled
wireguard: socket: free skb in send6 when ipv6 is disabled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...