Page 365 of 2760 results (0.023 seconds)

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html http://www.openwall.com/lists/oss-security/2022/12/07/2 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://xenbits.xenproject.org/xsa/advisory-423.txt • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329). Los invitados pueden provocar un punto muerto en Linux netback driver T. Este registro de información CNA se relaciona con múltiples CVE; el texto explica qué aspectos/vulnerabilidades corresponden a cada CVE.] • http://www.openwall.com/lists/oss-security/2022/12/08/2 http://www.openwall.com/lists/oss-security/2022/12/08/3 http://www.openwall.com/lists/oss-security/2022/12/09/2 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://xenbits.xenproject.org/xsa/advisory-424.txt • CWE-667: Improper Locking •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled. Una condición de carrera en el subsistema KVM x86 en el kernel de Linux hasta 6.1-rc6 permite a los usuarios del sistema operativo invitado provocar una denegación de servicio (caída del sistema operativo anfitrión o corrupción de la memoria del sistema operativo anfitrión) cuando la virtualización anidada y la MMU TDP están habilitadas. A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=47b0c2e4c220f2251fd8dcfbb44479819c715e15 https://access.redhat.com/security/cve/CVE-2022-45869 https://bugzilla.redhat.com/show_bug.cgi?id=2151317 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service. Se descubrió un problema de desreferencia de puntero NULL en el kernel de Linux en io_files_update_with_index_alloc. Un usuario local podría utilizar esta falla para bloquear potencialmente el sistema y provocar una Denegación de Servicio (DoS). • https://github.com/torvalds/linux/commit/d785a773bed966a75ca1f11d108ae1897189975b https://lore.kernel.org/all/d5a19c1e-9968-e22e-5917-c3139c5e7e89%40kernel.dk • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0

An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. Se descubrió un problema en el kernel de Linux hasta la versión 6.0.10. l2cap_config_req en net/bluetooth/l2cap_core.c tiene una envoltura de números enteros a través de paquetes L2CAP_CONF_REQ. An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAP_CONF_REQ packets. This flaw allows a local or bluetooth connection user to crash the system. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDAKCGDW6CQ6G3RZWYZJO454R3L5CTQB https://security.netapp.com/advisory/ntap-20230113-0008 https://www.debian.org/security/2023/dsa-5324 https://access.redhat.co • CWE-190: Integer Overflow or Wraparound •