Page 454 of 2782 results (0.023 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. A flaw was found in the KVM's Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service. • http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.8 https://github.com/torvalds/linux/commit/112e66017bff7f2837030f34c2bc19501e9212d5 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://security.netapp.com/advisory/ntap-20230511-0007 https://access.redhat.com/security/cve/CVE-2023-30456 https://bugzilla&# • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. Se encontró una falla de use-after-free en el código fuente de contabilidad del espacio de direcciones de memoria mm/mremap del kernel de Linux. Este problema ocurre debido a una condición de ejecución entre rmap walk y mremap, lo que permite a un usuario local bloquear el sistema o potencialmente aumentar sus privilegios en el sistema. • https://access.redhat.com/errata/RHSA-2023:1659 https://access.redhat.com/security/cve/CVE-2023-1476 https://bugzilla.redhat.com/show_bug.cgi?id=2176035 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2 • CWE-416: Use After Free •

CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0

A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service. • https://lore.kernel.org/linux-mm/Yg6ac8WlwtnDH6M0%40kroah.com https://access.redhat.com/security/cve/CVE-2023-1582 https://bugzilla.redhat.com/show_bug.cgi?id=2180936 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0

A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem. A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. • https://github.com/torvalds/linux/commit/cb090e64cf25602b9adaf32d5dfc9c8bec493cd1 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lore.kernel.org/all/20230318122758.2140868-1-linux%40roeck-us.net https://access.redhat.com/security/cve/CVE-2023-1855 https://bugzilla.redhat.com/show_bug.cgi?id=2184578 • CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem. • https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang%40redhat.com/T https://security.netapp.com/advisory/ntap-20230517-0003 https://access.redhat.com/security/cve/CVE-2023-1838 https://bugzilla.redhat.com/show_bug.cgi?id=2087568 https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang@redhat.com/T • CWE-416: Use After Free •