16 results (0.015 seconds)

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe, lo que provoca pánico en el kernel y una denegación de servicio. • https://access.redhat.com/errata/RHSA-2024:0723 https://access.redhat.com/errata/RHSA-2024:0724 https://access.redhat.com/errata/RHSA-2024:0725 https://access.redhat.com/errata/RHSA-2024:0881 https://access.redhat.com/errata/RHSA-2024:0897 https://access.redhat.com/errata/RHSA-2024:1248 https://access.redhat.com/errata/RHSA-2024:2094 https://access.redhat.com/errata/RHSA-2024:3810 https://access.redhat.com/security/cve/CVE-2023-6536 https://bugzilla.redhat.com/show • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe, lo que provoca pánico en el kernel y una denegación de servicio. • https://access.redhat.com/errata/RHSA-2024:0723 https://access.redhat.com/errata/RHSA-2024:0724 https://access.redhat.com/errata/RHSA-2024:0725 https://access.redhat.com/errata/RHSA-2024:0881 https://access.redhat.com/errata/RHSA-2024:0897 https://access.redhat.com/errata/RHSA-2024:1248 https://access.redhat.com/errata/RHSA-2024:2094 https://access.redhat.com/errata/RHSA-2024:3810 https://access.redhat.com/security/cve/CVE-2023-6535 https://bugzilla.redhat.com/show • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe y provoca un pánico en el kernel y una denegación de servicio. • https://access.redhat.com/errata/RHSA-2024:0723 https://access.redhat.com/errata/RHSA-2024:0724 https://access.redhat.com/errata/RHSA-2024:0725 https://access.redhat.com/errata/RHSA-2024:0881 https://access.redhat.com/errata/RHSA-2024:0897 https://access.redhat.com/errata/RHSA-2024:1248 https://access.redhat.com/errata/RHSA-2024:2094 https://access.redhat.com/errata/RHSA-2024:3810 https://access.redhat.com/security/cve/CVE-2023-6356 https://bugzilla.redhat.com/show • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Se encontró una falla de use-after-free en la funcionalidad Netfilter del kernel de Linux al agregar una regla con NFTA_RULE_CHAIN_ID. Esta falla permite a un usuario local bloquear o escalar sus privilegios en el sistema. • https://access.redhat.com/errata/RHSA-2023:5069 https://access.redhat.com/errata/RHSA-2023:5091 https://access.redhat.com/errata/RHSA-2023:5093 https://access.redhat.com/errata/RHSA-2023:7382 https://access.redhat.com/errata/RHSA-2023:7389 https://access.redhat.com/errata/RHSA-2023:7411 https://access.redhat.com/security/cve/CVE-2023-4147 https://bugzilla.redhat.com/show_bug.cgi?id=2225239 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/&# • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service. • http://www.openwall.com/lists/oss-security/2023/08/10/1 http://www.openwall.com/lists/oss-security/2023/08/10/3 https://access.redhat.com/errata/RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0575 https://access.redhat.com/security/cve/CVE-2023-3772 https://bugzilla.redhat.com/show_bug.cgi?id=2218943 https&# • CWE-476: NULL Pointer Dereference •