Page 388 of 2724 results (0.026 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. • https://bugzilla.suse.com/show_bug.cgi?id=1208518 https://patchwork.kernel.org/project/linux-fpga/patch/20230206054326.89323-1-k1rh4.lee%40gmail.com https://security.netapp.com/advisory/ntap-20230406-0002 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2132640 https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com https://security.netapp.com/advisory/ntap-20230406-0005 https://www.spinics.net/lists/kernel/msg4518970.html • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. • https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lore.kernel.org/all/20221018203258.2793282-1-edumazet%40google.com https://access.redhat.com/security/cve/CVE-2023-0590 https://bugzilla.redhat.com/show_bug.cgi?id=2165741 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled. • https://bugzilla.redhat.com/show_bug.cgi?id=2166287 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-369: Divide By Zero CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 2

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. • http://www.openwall.com/lists/oss-security/2023/02/02/1 http://www.openwall.com/lists/oss-security/2023/11/05/1 https://bugzilla.suse.com/show_bug.cgi?id=1207560 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2 • CWE-416: Use After Free •