Page 239 of 2753 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. Una vulnerabilidad de use after free en el componente ipv4: igmp del kernel de Linux se puede explotar para lograr una escalada de privilegios local. Se puede aprovechar una condición de ejecución para provocar que un temporizador se registre por error en un objeto bloqueado de lectura de RCU que es liberado por otro subproceso. Recomendamos actualizar el commit anterior e2b706c691905fe78468c361aaabc719d0a496f1. A race condition has been discovered in the Linux kernel's Internet Group Management Protocol (IGMP) implementation. • http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2b706c691905fe78468c361aaabc719d0a496f1 https://kernel.dance/e2b706c691905fe78468c361aaabc719d0a496f1 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://access.redhat.com/security/cve/CVE-2023-6932 https://bugzilla.redhat.com/show_bug.cgi?id=2255283 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized. sec_attest_info en drivers/accel/habanalabs/common/habanalabs_ioctl.c en el kernel de Linux hasta 6.6.5 permite una fuga de información al espacio del usuario porque info->pad0 no está inicializado. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a9f07790a4b2250f0140e9a61c7f842fd9b618c7 https://lists.freedesktop.org/archives/dri-devel/2023-November/431772.html •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. Se encontró una falla de acceso a memoria fuera de los límites en la funcionalidad de anillos io_uring SQ/CQ en el kernel de Linux. Este problema podría permitir que un usuario local bloquee el sistema. __io_uaddr_map() in io_uring suffers from dangerous handling of the multi-page region. • http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html https://access.redhat.com/security/cve/CVE-2023-6560 https://bugzilla.redhat.com/show_bug.cgi?id=2253249 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. Se encontró una vulnerabilidad de desreferencia de puntero nulo en nft_dynset_init() en net/netfilter/nft_dynset.c en nf_tables en el kernel de Linux. Este problema puede permitir que un atacante local con privilegios de usuario CAP_NET_ADMIN active una denegación de servicio. • https://access.redhat.com/errata/RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:3138 https://access.redhat.com/security/cve/CVE-2023-6622 https://bugzilla.redhat.com/show_bug.cgi?id=2253632 https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW https://lists.fedoraproject.org/archives/list/package-announce& • CWE-476: NULL Pointer Dereference •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn't use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn't block further readers to get the lock). El cierre de un canal de eventos en el kernel de Linux puede provocar un punto muerto. Esto sucede cuando el cierre se realiza en paralelo a una acción de la consola Xen no relacionada y al manejo de una interrupción de la consola Xen en un invitado sin privilegios. El cierre de un canal de eventos se desencadena, por ejemplo, al retirar un dispositivo paravirtual del otro lado. • https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://xenbits.xenproject.org/xsa/advisory-441.html • CWE-400: Uncontrolled Resource Consumption •