Page 25 of 226 results (0.041 seconds)

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. El subsistema BPF en el kernel de Linux versiones anteriores a 4.17, maneja inapropiadamente las situaciones con un salto largo sobre una secuencia de instrucciones donde las instrucciones internas requieren expansiones sustanciales en múltiples instrucciones BPF, conllevando a un desbordamiento. Esto afecta a los archivos kernel/bpf/core.c y net/core/filter.c • http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html https://github.com/torvalds/linux/commit/050fad7c4534c13c8eb1d9c2ba66012e014773cb https://security.netapp.com/advisory/ntap-20211229-0005 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.5EPSS: 0%CPEs: 44EXPL: 0

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. Se ha encontrado un fallo en la pila SCTP de Linux. Un atacante ciego puede ser capaz de matar una asociación SCTP existente mediante trozos no válidos si el atacante conoce las direcciones IP y los números de puerto que están siendo usados y el atacante puede enviar paquetes con direcciones IP falsas • https://bugzilla.redhat.com/show_bug.cgi?id=2000694 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://security.netapp.com/advisory/ntap-20221007-0001 https://ubuntu.com/security/CVE-2021-3772 https://www.debian.org/security/2022/dsa-5096 https://www.oracle.com/security-alerts/cp • CWE-354: Improper Validation of Integrity Check Value •

CVSS: 6.7EPSS: 0%CPEs: 20EXPL: 1

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. En el kernel de Linux versiones hasta 5.15.2, la función hw_atl_utils_fw_rpc_wait en el archivo drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c permite a un atacante (que puede introducir un dispositivo diseñado) desencadenar una escritura fuera de límites por medio de un valor de longitud diseñado An out-of-bounds write flaw was found in the Linux kernel’s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify%40kernel.org/T https&# • CWE-787: Out-of-bounds Write •

CVSS: 4.6EPSS: 0%CPEs: 26EXPL: 0

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). En el kernel de Linux versiones hasta 5.15.2, la función mwifiex_usb_recv en el archivo drivers/net/wireless/marvell/mwifiex/usb.c permite a un atacante (que puede conectar un dispositivo USB diseñado) causar una denegación de servicio (skb_over_panic) A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD https://patchwork.kernel.org/projec • CWE-459: Incomplete Cleanup •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 1

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. GNU Multiple Precision Arithmetic Library (GMP) versiones hasta 6.2.1, presenta un desbordamiento de enteros mpz/inp_raw.c y un desbordamiento de búfer resultante por medio de una entrada diseñada, conllevando a un fallo de segmentación en plataformas de 32 bits A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability. • http://seclists.org/fulldisclosure/2022/Oct/8 http://www.openwall.com/lists/oss-security/2022/10/13/3 https://bugs.debian.org/994405 https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html https://security.gentoo.org/glsa/202309-13 https://security.netapp.com/advisory/ntap-20221111-0001 https://access.redhat.com/security/cve/CVE-2021-43618&# • CWE-190: Integer Overflow or Wraparound •