Page 328 of 3985 results (0.018 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-26931

https://notcve.org/view.php?id=CVE-2021-26931

An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c. • http://xenbits.xen.org/xsa/advisory-362.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3194a1746e8aabe86075fd3c5e7cf1f4632d7f16 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a264285ed1cd32e26d9de4f3c8c6855e467fd63 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7c77474b2d22176d2bfb592ec74e0f2cb71352c9 https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian-lts-announce/2021/03/m • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-12362 – kernel: Integer overflow in Intel(R) Graphics Drivers

https://notcve.org/view.php?id=CVE-2020-12362

Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access. Un desbordamiento de enteros en el firmware para algunos Intel® Graphics Drivers para Windows* versiones anteriores a 26.20.100.7212 y versiones anteriores a 5.5 del kernel de Linux, puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio de un acceso local A flaw was found in the Linux kernel. An integer overflow in the firmware for some Intel(R) Graphics Drivers may allow a privileged user to potentially enable an escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html https://access.redhat.com/security/cve/CVE-2020-12362 https://bugzilla.redhat.com/show_bug.cgi?id=1930246 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-12363 – kernel: Improper input validation in some Intel(R) Graphics Drivers

https://notcve.org/view.php?id=CVE-2020-12363

Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. Una comprobación inapropiada de la entrada en algunos Intel® Graphics Drivers para Windows* versiones anteriores a 26.20.100.7212 y versiones anteriores a 5.5 del kernel de Linux, puede permitir a un usuario privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local A flaw was found in the Linux kernel. Improper input validation in some Intel(R) Graphics Drivers may allow a privileged user to potentially enable a denial of service via local access. • https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html https://access.redhat.com/security/cve/CVE-2020-12363 https://bugzilla.redhat.com/show_bug.cgi?id=1930249 • CWE-20: Improper Input Validation •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-3348 – kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c

https://notcve.org/view.php?id=CVE-2021-3348

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. En la función nbd_add_socket en el archivo drivers/block/nbd.c en el kernel de Linux versiones hasta 5.10.12, presenta un uso de la memoria previamente liberada de ndb_queue_rq que podría ser desencadenado por atacantes locales (con acceso al dispositivo nbd) por medio de una petición de E/S en un punto determinado durante la configuración del dispositivo, también se conoce como CID-b98e762e3d71 A use after free flaw in the Linux kernel network block device (NBD) subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup. • http://www.openwall.com/lists/oss-security/2021/02/01/1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b98e762e3d71e893b221f871825dc64694cfb258 https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://www.openwall.com/lists/oss-security/2021/01/28/3 https://access.redhat.com/security/cve/CVE-2021-3348 https://bugzilla.redhat.com/show_bug.cgi?id=1921958 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2021-3347 – kernel: Use after free via PI futex state

https://notcve.org/view.php?id=CVE-2021-3347

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. Se detectó un problema en el kernel de Linux versiones hasta 5.10.11. Los futexes de PI presentan un uso de la memoria previamente liberada de la pila del kernel durante el manejo de fallos, permitiendo a usuarios locales ejecutar código en el kernel, también se conoce como CID-34b1a1ce1458 A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. • http://www.openwall.com/lists/oss-security/2021/01/29/4 http://www.openwall.com/lists/oss-security/2021/01/29/5 http://www.openwall.com/lists/oss-security/2021/02/01/4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ • CWE-416: Use After Free •