Page 450 of 3218 results (0.011 seconds)

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. Se ha encontrado un fallo de uso de memoria previamente liberada en la funcionalidad del protocolo AX.25 de radioaficionados del kernel de Linux en la forma en que un usuario es conectado con el protocolo. Este fallo permite a un usuario local bloquear el sistema • https://access.redhat.com/security/cve/CVE-2022-1204 https://bugzilla.redhat.com/show_bug.cgi?id=2071051 https://security-tracker.debian.org/tracker/CVE-2022-1204 https://www.openwall.com/lists/oss-security/2022/04/02/2 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. Se ha detectado un problema en el Kernel de Linux de la 4.18 a 4.19, una actualización inapropiada de la referencia sock en el paso TCP puede conllevar a una pérdida de memoria/netns, que puede ser usada por clientes remotos • https://anas.openanolis.cn/cves/detail/CVE-2022-1678 https://anas.openanolis.cn/errata/detail/ANSA-2022:0143 https://bugzilla.openanolis.cn/show_bug.cgi?id=61 https://gitee.com/anolis/cloud-kernel/commit/bed537da691b https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com https://security.netapp.com/advisory/ntap-20220715-0001 • CWE-911: Improper Update of Reference Count •

CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 2

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. Un fallo en el Kernel de Linux encontrado en nfcmrvl_nci_unregister_dev() en el archivo drivers/nfc/nfcmrvl/main.c puede conllevar a un uso de memoria previamente liberada de lectura o escritura cuando no está sincronizado entre la rutina de limpieza y la rutina de descarga del firmware • http://www.openwall.com/lists/oss-security/2022/06/05/4 http://www.openwall.com/lists/oss-security/2022/06/09/1 https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220707-0007 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posteriores A use-after-free flaw was found in u32_change in net/sched/cls_u32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html http://www.openwall.com/lists/oss-security/2022/05/18/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8 https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8 https://security.netapp.com/advisory/ntap-20220629-0005 https://www.debian.org/security • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el controlador del adaptador inalámbrico Atheros del kernel de Linux en la forma en que un usuario fuerza la función ath9k_htc_wait_for_target a fallar con algunos mensajes de entrada. Este fallo permite a un usuario local bloquear o escalar potencialmente sus privilegios en el sistema • https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679 https://github.com/ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679 https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lore.kernel.org/lkml/87ilqc7jv9.fsf%40kernel.org/t https://security.netapp.com/advisory/ntap-20220629-0007 https://access.redhat.com/security/cve/CVE-2022-1679 https://bugzilla.redhat.com/show_bug • CWE-416: Use After Free •