Page 204 of 2902 results (0.011 seconds)

CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0431 https://access.redhat.com/errata/RHSA-2024:0432 https://access.redhat.com/errata/RHSA-2024:0439 https://access.redhat.com/errata/RHSA-2024:0448 https://access.redhat.com/errata/RHSA-2024:0575 https:// • CWE-416: Use After Free •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue. • https://access.redhat.com/security/cve/CVE-2023-3863 https://bugzilla.redhat.com/show_bug.cgi?id=2225126 https://github.com/torvalds/linux/commit/6709d4b7bc2e079241fdef15d1160581c5261c10 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240202-0002 https://www.debian.org/security/2023/dsa-5480 https://www.debian.org/security/2023/dsa-5492 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system. • https://access.redhat.com/security/cve/CVE-2023-0160 https://bugzilla.redhat.com/show_bug.cgi?id=2159764 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed17aa92dc56 https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2EeAg@mail.gmail.com • CWE-667: Improper Locking CWE-833: Deadlock •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info). A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d https://access.redhat.com/security/cve/CVE-2023-38409 https://bugzilla.redhat.com/show_bug.cgi?id=2230042 • CWE-129: Improper Validation of Array Index CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system. • https://access.redhat.com/security/cve/CVE-2023-3108 https://bugzilla.redhat.com/show_bug.cgi?id=2221472 https://github.com/torvalds/linux/commit/9399f0c51489ae8c16d6559b82a452fdc1895e91 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •