Page 309 of 2784 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1. Se ha encontrado una vulnerabilidad de uso de memoria previamente liberada en la función rtsx_usb_ms_drv_remove en el archivo drivers/memstick/host/rtsx_usb_ms.c en memstick en el kernel de Linux. En este fallo, un atacante local con un privilegio de usuario puede afectar a la confidencialidad del sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=2044561 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://www.debian.org/security/2022/dsa-5095 https://www.debian.org/security/2022/dsa-5096 • CWE-416: Use After Free •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. Se ha detectado un problema en el archivo fs/nfs/dir.c en el kernel de Linux versiones anteriores a 5.16.5. Si una aplicación establece la bandera O_DIRECTORY, y trata de abrir un archivo regular, la función nfs_atomic_open() lleva a cabo una búsqueda regular. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac795161c93699d600db16c1a8cc23a65a1eceaf https://github.com/torvalds/linux/commit/ab0fc21bc7105b54bafd85bd8b82742f9e68898a https://github.com/torvalds/linux/commit/ac795161c93699d600db16c1a8cc23a65a1eceaf https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/all/67d6a536-9027&# • CWE-755: Improper Handling of Exceptional Conditions CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6 Se encontró una vulnerabilidad en el verificador eBPF del kernel de Linux cuando son manejados estructuras de datos internas. Las ubicaciones de memoria interna podían ser devueltas al espacio de usuario. • https://bugzilla.redhat.com/show_bug.cgi?id=2041547 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.4EPSS: 0%CPEs: 35EXPL: 0

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Se encontró un fallo en el procesamiento de los errores ICMP recibidos (fragmento ICMP necesario y redireccionamiento ICMP) en la funcionalidad del kernel de Linux que permite la capacidad de escanear rápidamente los puertos UDP abiertos. Este fallo permite a un usuario remoto fuera de la ruta de acceso omitir efectivamente la aleatorización del puerto de origen UDP. • https://bugzilla.redhat.com/show_bug.cgi?id=2014230 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=4785305c05b25a242e5314cc821f54ade4c18810 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=6457378fe796815c973f631a1904e147d6ee33b1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6&id=67d6d681e15b578c1725bad8ad079e05d1c48a8e https://git.kernel.org/pub/scm/linux/ke • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 3

A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem. Se encontró un fallo de uso de memoria previamente liberada en la función nci_request en el archivo net/nfc/nci/core.c en NFC Controller Interface (NCI) en el kernel de Linux. este fallo podría permitir a un atacante local con privilegios de usuario causar un problema de carrera de datos mientras es retirado el dispositivo, conllevando a un problema de escalada de privilegios • http://www.openwall.com/lists/oss-security/2022/06/01/2 http://www.openwall.com/lists/oss-security/2022/06/04/2 http://www.openwall.com/lists/oss-security/2022/06/07/2 https://bugzilla.redhat.com/show_bug.cgi?id=2036682 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406 https://git.kernel.org/pub • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •