Page 361 of 4005 results (0.069 seconds)

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2022-1199

https://notcve.org/view.php?id=CVE-2022-1199

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada • https://access.redhat.com/security/cve/CVE-2022-1199 https://bugzilla.redhat.com/show_bug.cgi?id=2070694 https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809 https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10 https://security.netapp.com/advisory/ntap-20221228-0006 https://www.openwall.com/lists/oss-security/2022/04/02/5 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

CVE-2022-1204

https://notcve.org/view.php?id=CVE-2022-1204

A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. Se ha encontrado un fallo de uso de memoria previamente liberada en la funcionalidad del protocolo AX.25 de radioaficionados del kernel de Linux en la forma en que un usuario es conectado con el protocolo. Este fallo permite a un usuario local bloquear el sistema • https://access.redhat.com/security/cve/CVE-2022-1204 https://bugzilla.redhat.com/show_bug.cgi?id=2071051 https://security-tracker.debian.org/tracker/CVE-2022-1204 https://www.openwall.com/lists/oss-security/2022/04/02/2 • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 2

CVE-2022-1734

https://notcve.org/view.php?id=CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. Un fallo en el Kernel de Linux encontrado en nfcmrvl_nci_unregister_dev() en el archivo drivers/nfc/nfcmrvl/main.c puede conllevar a un uso de memoria previamente liberada de lectura o escritura cuando no está sincronizado entre la rutina de limpieza y la rutina de descarga del firmware • http://www.openwall.com/lists/oss-security/2022/06/05/4 http://www.openwall.com/lists/oss-security/2022/06/09/1 https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220707-0007 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1

CVE-2022-29581 – kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c

https://notcve.org/view.php?id=CVE-2022-29581

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posteriores A use-after-free flaw was found in u32_change in net/sched/cls_u32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html http://www.openwall.com/lists/oss-security/2022/05/18/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8 https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8 https://security.netapp.com/advisory/ntap-20220629-0005 https://www.debian.org/security • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2

CVE-2022-1679 – kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges

https://notcve.org/view.php?id=CVE-2022-1679

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el controlador del adaptador inalámbrico Atheros del kernel de Linux en la forma en que un usuario fuerza la función ath9k_htc_wait_for_target a fallar con algunos mensajes de entrada. Este fallo permite a un usuario local bloquear o escalar potencialmente sus privilegios en el sistema • https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679 https://github.com/ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679 https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lore.kernel.org/lkml/87ilqc7jv9.fsf%40kernel.org/t https://security.netapp.com/advisory/ntap-20220629-0007 https://access.redhat.com/security/cve/CVE-2022-1679 https://bugzilla.redhat.com/show_bug • CWE-416: Use After Free •