Page 378 of 4025 results (0.018 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 5

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Se descubrió que la implementación del filtro cls_route en el kernel de Linux no eliminaba un filtro antiguo de la tabla hash antes de liberarlo si su identificador tenía el valor 0. A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. • https://github.com/Markakd/CVE-2022-2588 https://github.com/veritas501/CVE-2022-2588 https://github.com/BassamGraini/CVE-2022-2588 https://github.com/PolymorphicOpcode/CVE-2022-2588 https://github.com/dom4570/CVE-2022-2588 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588 https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u https://ubuntu.com/security/notices/USN-5557-1 https://ubuntu.com/security/notices/USN-5560-1 https:/&#x • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2

It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. Se descubrió que un objeto o expresión nft podía hacer referencia a un conjunto nft en una tabla nft diferente, lo que generaba un use-after-free una vez que se eliminaba esa tabla. A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. • https://github.com/aels/CVE-2022-2586-LPE https://github.com/sniper404ghostxploit/CVE-2022-2586 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t https://ubuntu.com/security/notices/USN-5557-1 https://ubuntu.com/security/notices/USN-5560-1 https://ubuntu.com/security/notices/USN-5560-2 https://ubuntu.com/security/notices/USN-5562-1 https://ubuntu.com/security/notices&# • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. Las implantaciones en Linux de StorageGRID (anteriormente conocido como StorageGRID Webscale) versiones 11.6.0 hasta 11.6.0.2 implantadas con una versión del kernel de Linux inferior a 4.7.0 son susceptibles de una vulnerabilidad que podría permitir a un atacante remoto no autenticado visualizar información de métricas limitada y modificar los destinatarios y el contenido de los correos electrónicos de alerta • https://security.netapp.com/advisory/NTAP-20220808-0001 •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 2

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. El kernel de Linux versiones anteriores a 5.18.13, carece de una determinada operación de borrado para el símbolo de inicio de bloque (.bss). Esto permite a usuarios del SO huésped Xen PV causar una denegación de servicio o conseguir privilegios • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13 https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md https://github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0 https://github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884 https://security.netapp.com/advisory/ntap-20220901-0003 https://sick.codes/sick-2022-128 •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information. Se ha encontrado un fallo de filtrado de información en NFS sobre RDMA en el archivo net/sunrpc/xprtrdma/rpc_rdma.c en el Kernel de Linux. Este fallo permite a un atacante privilegiado de usuario normales filtrar información del kernel • https://access.redhat.com/security/cve/CVE-2022-0812 https://bugzilla.redhat.com/show_bug.cgi?id=2058361 https://bugzilla.redhat.com/show_bug.cgi?id=2058955 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1 https://security.netapp.com/advisory/ntap-20230427-0011 https://ubuntu.com/security/CVE-2022-0812 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •