Page 422 of 2837 results (0.033 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo en el clasificador "Routing decision" del subsistema de red Traffic Control del kernel de Linux en la forma en que administra el cambio de los filtros de clasificación, conllevando a una condición de uso de memoria previamente liberada. Este fallo permite a usuarios locales no privilegiados escalar sus privilegios en el sistema. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359 https://access.redhat.com/security/cve/CVE-2021-3715 https://bugzilla.redhat.com/show_bug.cgi?id=1993988 • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 31EXPL: 0

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Se ha detectado una condición de carrera en la función ext4_write_inline_data_end en el archivo fs/ext4/inline.c en el subsistema ext4 en el kernel de Linux versiones hasta 5.13.13 • https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=9e445093e523f3277081314c864f708fd4bd34aa https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6VS2DLGT7TK7URKAS2KWJL3S533SGVA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJGX3DMJT6MRBW2XEF3TWVHYWZW3DG3N https://security.netapp.com/adv • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. Se ha detectado un fallo en la implementación del netfilter del kernel de Linux en versiones anteriores a 5.5-rc7. Un usuario con acceso de root (CAP_SYS_ADMIN) es capaz de hacer entrar en pánico al sistema cuando emite comandos netfilter netflow. A flaw was found in the Linux kernel netfilter implementation. • https://bugzilla.redhat.com/show_bug.cgi?id=1976946 https://access.redhat.com/security/cve/CVE-2021-3635 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. El archivo arch/x86/kvm/mmu/paging_tmpl.h en el kernel de Linux versiones anteriores a 5.12.11, computa incorrectamente los permisos de acceso de una página sombra, conllevando a un fallo de página de protección de invitados • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11 https://github.com/torvalds/linux/commit/b1bd5cba3306691c771d558e94baa73e8b0b96b7 https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html •

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. El archivo fs/nfs/nfs4client.c en el kernel de Linux versiones anteriores a 5.13.4, presenta un ordenamiento incorrecto de la configuración de la conexión, que permite a operadores de servidores NFSv4 remotos causar una denegación de servicio (cuelgue de montajes) al disponer de que esos servidores sean inalcanzables durante la detección de trunking • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://github.com/torvalds/linux/commit/dd99e9f98fbf423ff6d365b37a98e8879170f17c https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://security.netapp.com/advisory/ntap-20210902-0010 https://www.debian.org/security/2021/dsa-4978 •