Lucene search
K

112 matches found

UbuntuCve
UbuntuCve
added 2022/08/25 12:0 a.m.32 views

CVE-2022-2959

A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...

7CVSS6.7AI score0.00361EPSS
Exploits0References8
Zero Day Initiative
Zero Day Initiative
added 2022/08/24 12:0 a.m.37 views

Linux Kernel Watch Queue Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of pipe...

7.8CVSS3.1AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/08/23 7:10 p.m.271 views

CVE-2022-2959

A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...

7CVSS1.9AI score0.00361EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/23 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a security vulnerability that stems from a lack of locks in its watch queue's piperesizering causing a contention condition. The flaw allows a loc...

7CVSS6.5AI score0.00361EPSS
Exploits0References18
OSV
OSV
added 2022/04/24 10:4 p.m.7 views

GSD-2022-1002026 watch_queue: Free the page array when watch_queue is dismantled

watchqueue: Free the page array when watchqueue is dismantled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/04/22 4:44 p.m.107 views

Metasploit Weekly Wrap-Up

ManageEngine ADSelfService Plus Authenticated RCE This module is pretty exciting for us because it's for a vulnerability discovered by our very own Rapid7 researchers Jake Baines, Hernan Diaz, Andrew Iwamaye, and Dan Kelly. The vulnerability allowed for attackers to leverage the "custom script"...

7.1CVSS0.5AI score0.70479EPSS
Exploits14
Microsoft CVE
Microsoft CVE
added 2022/04/01 7:0 a.m.3 views

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state potentially allowing a local user to gain privileged access or cause a denial of service on the system.

...

7.8CVSS7.2AI score0.06197EPSS
Exploits10
ATTACKERKB
ATTACKERKB
added 2022/03/25 7:15 p.m.9 views

CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.8CVSS6.5AI score0.06197EPSS
Exploits10References7
OSV
OSV
added 2022/03/25 7:15 p.m.1 views

DEBIAN-CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.8CVSS6.2AI score0.06197EPSS
Exploits10References1
OSV
OSV
added 2022/03/25 7:15 p.m.2 views

UBUNTU-CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.8CVSS6.6AI score0.06197EPSS
Exploits10References12
CNNVD
CNNVD
added 2022/03/18 12:0 a.m.2 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable to an elevation of privilege vulnerability, which stems from watchqueue triggering a memory corruption in the Linux kernel that could be exploited by an attacker to gain elevat...

7.8CVSS5.8AI score0.06197EPSS
Exploits10References12
Positive Technologies
Positive Technologies
added 2022/02/02 12:0 a.m.5 views

PT-2022-2006

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17-rc8 Description An out-of-bounds OOB memory write flaw exists in the watch queue event notification subsystem. This issue allows the overwriting of parts of the kernel state, which could enable a local user ...

7.8CVSS7.2AI score0.06197EPSS
Exploits10
Rows per page
Query Builder