Page 336 of 3678 results (0.028 seconds)

CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-0168 – kernel: smb2_ioctl_query_info NULL pointer dereference

https://notcve.org/view.php?id=CVE-2022-0168

A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. Se encontró un problema de denegación de servicio (DOS) en la función smb2_ioctl_query_info del kernel de Linux en el archivo fs/cifs/smb2ops.c Common Internet File System (CIFS) debido a un retorno incorrecto de la función memdup_user. Este fallo permite a un atacante local privilegiado (CAP_SYS_ADMIN) bloquear el sistema. • https://access.redhat.com/security/cve/CVE-2022-0168 https://bugzilla.redhat.com/show_bug.cgi?id=2037386 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880 • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2022-1199

https://notcve.org/view.php?id=CVE-2022-1199

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada • https://access.redhat.com/security/cve/CVE-2022-1199 https://bugzilla.redhat.com/show_bug.cgi?id=2070694 https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809 https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10 https://security.netapp.com/advisory/ntap-20221228-0006 https://www.openwall.com/lists/oss-security/2022/04/02/5 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •

CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 2

CVE-2022-1734

https://notcve.org/view.php?id=CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. Un fallo en el Kernel de Linux encontrado en nfcmrvl_nci_unregister_dev() en el archivo drivers/nfc/nfcmrvl/main.c puede conllevar a un uso de memoria previamente liberada de lectura o escritura cuando no está sincronizado entre la rutina de limpieza y la rutina de descarga del firmware • http://www.openwall.com/lists/oss-security/2022/06/05/4 http://www.openwall.com/lists/oss-security/2022/06/09/1 https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220707-0007 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2

CVE-2022-1679 – kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges

https://notcve.org/view.php?id=CVE-2022-1679

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el controlador del adaptador inalámbrico Atheros del kernel de Linux en la forma en que un usuario fuerza la función ath9k_htc_wait_for_target a fallar con algunos mensajes de entrada. Este fallo permite a un usuario local bloquear o escalar potencialmente sus privilegios en el sistema • https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679 https://github.com/ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679 https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lore.kernel.org/lkml/87ilqc7jv9.fsf%40kernel.org/t https://security.netapp.com/advisory/ntap-20220629-0007 https://access.redhat.com/security/cve/CVE-2022-1679 https://bugzilla.redhat.com/show_bug • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 1

CVE-2022-30594 – kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option

https://notcve.org/view.php?id=CVE-2022-30594

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. El kernel de Linux versiones anteriores a 5.17.2, maneja inapropiadamente los permisos de seccomp. La ruta de código PTRACE_SEIZE permite a atacantes omitir las restricciones previstas al establecer el flag PT_SUSPEND_SECCOMP A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/170362/Linux-PT_SUSPEND_SECCOMP-Permission-Bypass-Ptracer-Death-Race.html https://bugs.chromium.org/p/project-zero/issues/detail?id=2276 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3 https://github.com/torvalds/linux/commit/ee1fee900537b5d9560e9f937402de • CWE-276: Incorrect Default Permissions CWE-862: Missing Authorization •