112 matches found
kernel: use-after-free in net/atm/ioctl.c
A use-after-free flaw was found in the Linux kernel's net/atm/ioctl.c ATM networking technology driver: dovccioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vccrecvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, ...
DEBIAN-CVE-2023-52789
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...
UBUNTU-CVE-2023-52789
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...
CVE-2023-52789 tty: vcc: Add check for kstrdup() in vcc_probe()
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...
CVE-2023-52789 tty: vcc: Add check for kstrdup() in vcc_probe()
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a data validation vulnerability in the tty:vcc module...
kernel: use-after-free in net/atm/ioctl.c
A use-after-free flaw was found in the Linux kernel's net/atm/ioctl.c ATM networking technology driver: dovccioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vccrecvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, ...
OESA-2024-1085 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...
OESA-2024-1084 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...
OESA-2024-1083 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
...
CVE-2023-51780
An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...
CVE-2023-51780
An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...
UBUNTU-CVE-2023-51780
An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...
CVE-2022-48020
Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...
CVE-2022-48020
Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...
Cross site scripting
Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...
CVE-2022-48020
Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...
Vinteo VCC 跨站脚本漏洞
Vinteo VCC is a video conferencing application from Vinteo. A security vulnerability exists in Vinteo VCC version v2.36.4, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the conference parameter. An attacker can exploit the vulnerability to inject arbitra...
CVE-2022-48020
CVE-2022-48020 affects Vinteo VCC v2.36.4. The vulnerability is a reflected cross-site scripting (XSS) flaw exposed via the conference parameter, allowing an attacker to inject code that runs in the victim’s browser. According to the sources, the attack is network-based with low attack complexity...