Page 414 of 2849 results (0.021 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). drivers/infiniband/core/ucma.c en el kernel de Linux hasta la versión 4.17.11 permite que ucma_leave_multicast acceda a cierta estructura de datos tras un paso de limpieza en ucma_process_join, lo que permite que los atacantes provoquen una denegación de servicio (uso de memoria previamente liberada). A flaw was found in the Linux Kernel in the ucma_leave_multicast() function in drivers/infiniband/core/ucma.c which allows access to a certain data structure after freeing it in ucma_process_join(). This allows an attacker to cause a use-after-free bug and to induce kernel memory corruption, leading to a system crash or other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb2595c1393b4a5211534e6f0a0fbad369e21ad8 https://access.redhat.com/errata/RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://github.com/torvalds/linux/commit/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html https://usn.ubuntu.com/3797-1 https://usn.ubuntu.com/3797-2 https://usn.ubuntu.com/38 • CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c. Se ha descubierto un problema en el kernel de Linux hasta la versión 4.17.10. Existe un uso de memoria previamente liberada en try_merge_free_space() cuando se monta una imagen btrfs manipulada debido a una falta de verificaciones de flags de tipos de chunks en btrfs_check_chunk_valid en fs/btrfs/volumes.c. • http://www.securityfocus.com/bid/104917 https://bugzilla.kernel.org/show_bug.cgi?id=199839 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://patchwork.kernel.org/patch/10503099 https://usn.ubuntu.com/3932-1 https://usn.ubuntu.com/3932-2 https://usn.ubuntu.com/4094-1 https://usn.ubuntu.com/4118-1 • CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c. Se ha descubierto un problema en el kernel de Linux hasta la versión 4.17.10. Existe un acceso fuera de límites en write_extent_buffer() cuando se monta y opera una imagen btrfs manipulada debido a una falta de verificación de que cada grupo de bloques tenga su chunk correspondiente en el momento de montaje en btrfs_read_block_groups en fs/btrfs/extent-tree.c. • http://www.securityfocus.com/bid/104917 https://bugzilla.kernel.org/show_bug.cgi?id=199837 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://patchwork.kernel.org/patch/10503415 https://usn.ubuntu.com/3932-1 https://usn.ubuntu.com/3932-2 https://usn.ubuntu.com/4094-1 https://usn.ubuntu.com/4118-1 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c. Se ha descubierto un problema en el kernel de Linux hasta la versión 4.17.10. Hay una desreferencia de puntero no válido en btrfs_root_node() cuando se monta una imagen btrfs manipulada, debido a la falta de validación de mapeo de grupos de bloques de chunks en btrfs_read_block_groups en fs/btrfs/extent-tree.c y una falta de comprobaciones de árboles vacíos en check_leaf en fs/btrfs/tree-checker.c. • http://www.securityfocus.com/bid/104917 https://bugzilla.kernel.org/show_bug.cgi?id=199847 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://patchwork.kernel.org/patch/10503403 https://patchwork.kernel.org/patch/10503413 https://usn.ubuntu.com/3932-1 https://usn.ubuntu.com/3932-2 https://usn.ubuntu.com/4094-1& • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. Se ha descubierto un problema en el kernel de Linux hasta la versión 4.17.10. Existe un acceso fuera de límites en __remove_dirty_segment() en fs/f2fs/segment.c cuando se monta una imagen f2fs. • http://www.securityfocus.com/bid/104917 https://bugzilla.kernel.org/show_bug.cgi?id=200419 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://usn.ubuntu.com/3932-1 https://usn.ubuntu.com/3932-2 https://usn.ubuntu.com/4094-1 https://usn.ubuntu.com/4118-1 • CWE-476: NULL Pointer Dereference •