Page 404 of 4656 results (0.013 seconds)

CVSS: 4.6EPSS: 0%CPEs: 26EXPL: 0

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). En el kernel de Linux versiones hasta 5.15.2, la función mwifiex_usb_recv en el archivo drivers/net/wireless/marvell/mwifiex/usb.c permite a un atacante (que puede conectar un dispositivo USB diseñado) causar una denegación de servicio (skb_over_panic) A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD https://patchwork.kernel.org/projec • CWE-459: Incomplete Cleanup •

CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 2

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. Se ha encontrado un fallo de pérdida de memoria en el kernel de Linux en la función ccp_run_aes_gcm_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c, que permite a atacantes causar una denegación de servicio (consumo de memoria). Esta vulnerabilidad es similar a la anterior CVE-2019-18808 A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. • http://www.openwall.com/lists/oss-security/2021/09/14/1 https://bugzilla.redhat.com/show_bug.cgi?id=2000627 https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM https: • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0

A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. Se ha encontrado un fallo en el kernel de Linux. Una vulnerabilidad de uso de memoria previamente liberada en la pila NFC puede conllevar a una amenaza a la confidencialidad, integridad y disponibilidad del sistema • https://bugzilla.redhat.com/show_bug.cgi?id=2000585 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://security.netapp.com/advisory/ntap-20220318-0007 https://www.debian.org/security/2022/dsa-5096 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.14.15. Se presenta un fallo de índice de matriz fuera de límites en la función detach_capi_ctr en el archivo drivers/isdn/capi/kcapi.c An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service. • http://www.openwall.com/lists/oss-security/2021/11/05/1 https://bugzilla.redhat.com/show_bug.cgi?id=2013180 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48 • CWE-125: Out-of-bounds Read •

CVSS: 4.7EPSS: 0%CPEs: 13EXPL: 0

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). Se ha encontrado una vulnerabilidad en el kernel de Linux, en la que un uso de memoria previamente liberada en el manejador postclose() de nouveau podría ocurrir si se quita el dispositivo (que no es común quitar la tarjeta de vídeo físicamente sin apagar, pero lo mismo ocurre si se "desvincula" el controlador) • https://bugzilla.redhat.com/show_bug.cgi?id=1901726 https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2020-27820 https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com https://lore.kernel.org • CWE-416: Use After Free •