Page 336 of 2760 results (0.022 seconds)

CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. • https://access.redhat.com/security/cve/CVE-2023-4611 https://bugzilla.redhat.com/show_bug.cgi?id=2227244 https://www.spinics.net/lists/stable-commits/msg310136.html • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. • https://access.redhat.com/security/cve/CVE-2023-4569 https://bugzilla.redhat.com/show_bug.cgi?id=2235470 https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de https://www.debian.org/security/2023/dsa-5492 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. • https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:1250 https://access.redhat.com/errata/RHSA-2024:1306 https://access.redhat.com/errata/RHSA-2024:1367 https://access.redhat.com/errata/RHSA-2024:1382 https://access.redhat.com/errata/RHSA-2024:2006 https://access.redhat.com/errata/RHSA-2024:2008 https://access.redhat.com/security/cve/CVE-2023-4459 https://bugzilla.redhat.com/show_bug.cgi?id=2219268 https://github.com/torvalds/ • CWE-476: NULL Pointer Dereference •

CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0

A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information • https://access.redhat.com/security/cve/CVE-2023-4394 https://bugzilla.redhat.com/show_bug.cgi?id=2219263 https://patchwork.kernel.org/project/linux-btrfs/patch/20220815151606.3479183-1-r33s3n6@gmail.com • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0

A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. Se encontró una falla de use-after-free en vmxnet3_rq_alloc_rx_buf en drivers/net/vmxnet3/vmxnet3_drv.c en el controlador NIC Ethernet vmxnet3 de VMware en el kernel de Linux. Este problema podría permitir que un atacante local bloquee el sistema debido a una doble liberación mientras se limpia vmxnet3_rq_cleanup_all, lo que también podría provocar un problema de fuga de información del kernel. • https://access.redhat.com/security/cve/CVE-2023-4387 https://bugzilla.redhat.com/show_bug.cgi?id=2219270 https://github.com/torvalds/linux/commit/9e7fef9521e73ca8afd7da9e58c14654b02dfad8 • CWE-416: Use After Free •