CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36557 – kernel: race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys, causing a use-after-free in con_shutdown().
https://notcve.org/view.php?id=CVE-2020-36557
21 Jul 2022 — A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. Una condición de carrera en el kernel de Linux versiones anteriores a 5.6.2 entre el ioctl VT_DISALLOCATE y el cierre/apertura de ttys podría conllevar a un uso de memoria previamente liberada A use-after-free flaw was found in the Linux kernel’s Virtual Terminal subsystem in how a user calls the VT_DISALLOCATE ioctl during the closing/opening of ttys. This flaw allo... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36558 – kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-36558
21 Jul 2022 — A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. Una condición de carrera en el kernel de Linux versiones anteriores a 5.5.7, involucrando a VT_RESIZEX podría conllevar a una desviación del puntero NULL y un fallo de protección general A NULL pointer dereference flaw was found in the Linux kernel’s Virtual Terminal subsystem was found in how a user calls the VT_RESIZEX ioctl. This flaw allows a local user to crash t... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0CVE-2021-33655 – kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory
https://notcve.org/view.php?id=CVE-2021-33655
18 Jul 2022 — When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. Cuando son enviados datos maliciosos al kernel mediante ioctl cmd FBIOPUT_VSCREENINFO, el kernel escribirá memoria fuera de límites An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the sy... • http://www.openwall.com/lists/oss-security/2022/07/19/2 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-33656 – kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds
https://notcve.org/view.php?id=CVE-2021-33656
18 Jul 2022 — When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. Cuando es establecida la fuente con datos maliciosos por ioctl cmd PIO_FONT, el kernel escribirá memoria fuera de límites An out-of-bounds write flaw was found in the Linux kernel’s console driver functionality in the way a user triggers the ioctl PIO_FONT with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. Red Hat Advanced Cluster Management for ... • http://www.openwall.com/lists/oss-security/2022/07/19/3 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2380 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2022-2380
13 Jul 2022 — The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. En el kernel de Linux se encontró un acceso a memoria vulnerable fuera de límites en la función drivers/video/fbdev/sm712fb.c:smtcfb_read(). La vulnerabilidad podría resultar en que atacantes locales pudieran bloquear el kernel Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP ... • https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?h=for-next&id=bd771cf5c4254511cc4abb88f3dab3bd58bdf8e8 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2991 – Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-2991
11 Jul 2022 — A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. Se encontró un desbordamiento de bú... • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114&id=549209caabc89f2877ad5f62d11fca5c052e0e8 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-2318 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2022-2318
06 Jul 2022 — There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. Se presentan vulnerabilidades de uso de memoria previamente liberada causadas por el manejador del temporizador en el archivo net/rose/rose_timer.c de linux que permiten a atacantes bloquear el kernel de linux sin ningún privilegio Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did ... • https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2022-33742 – Ubuntu Security Notice USN-5668-1
https://notcve.org/view.php?id=CVE-2022-33742
05 Jul 2022 — Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backe... • http://www.openwall.com/lists/oss-security/2022/07/05/6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2022-33741 – Ubuntu Security Notice USN-5572-1
https://notcve.org/view.php?id=CVE-2022-33741
05 Jul 2022 — Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backe... • http://www.openwall.com/lists/oss-security/2022/07/05/6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2022-33740 – Ubuntu Security Notice USN-5572-1
https://notcve.org/view.php?id=CVE-2022-33740
05 Jul 2022 — Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backe... • http://www.openwall.com/lists/oss-security/2022/07/05/6 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •