Page 494 of 3278 results (0.020 seconds)

CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. Se ha detectado un problema en el kernel de Linux versiones hasta 5.19.11. Los atacantes capaces de inyectar tramas WLAN podrían causar un desbordamiento del búfer en la función ieee80211_bss_info_update en el archivo net/mac80211/scan.c A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information. • http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html http://www.openwall.com/lists/oss-security/2022/10/13/2 https://bugzilla.suse.com/show_bug.cgi?id=1203770 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https: • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 1

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. Un uso de memoria previamente liberada en la pila mac80211 cuando ea analizado un elemento multi-BSSID en el kernel de Linux versiones 5.2 hasta 5.19.14, podría ser usado por atacantes (capaces de inyectar tramas WLAN) para bloquear el kernel y potencialmente ejecutar código • http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html http://www.openwall.com/lists/oss-security/2022/10/13/2 http://www.openwall.com/lists/oss-security/2022/10/13/5 https://bugzilla.suse.com/show_bug.cgi?id=1204051 https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6 https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lists.fedoraproject.org/archives/list& • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. El archivo mm/rmap.c en el kernel de Linux versiones anteriores a 5.19.7, presenta un uso de memoria previamente liberada relacionado con un doble reúso de la hoja anon_vma A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the is_mergeable_anon_vma() function continuously forks, using memory operations to trigger an incorrect reuse of leaf anon_vma. This issue allows a local attacker to crash the system. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2351 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.7 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2555283eb40df89945557273121e9393ef9b542b https://github.com/torvalds/linux/commit/2555283eb40df89945557273121e9393ef9b542b https://googleprojectzero.blogspot.com/2022/12/exploiting-CVE-2022-42703-bringing-back-the-stack-attack.html https://access.redhat.com/security/cve/CVE-2022-42703 https://bugzilla.redhat&# • CWE-416: Use After Free •

CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach. El archivo drivers/char/pcmcia/synclink_cs.c en el kernel de Linux versiones hasta 5.19.12, presenta una condición de carrera y un uso de memoria previamente liberada resultante si un atacante físicamente próximo elimina un dispositivo PCMCIA mientras llama a ioctl, también se conoce como una condición de carrera entre mgslpc_ioctl y mgslpc_detach • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/char/pcmcia/synclink_cs.c https://lore.kernel.org/lkml/20220919040251.GA302541%40ubuntu/T/#rc85e751f467b3e6f9ccef92cfa7fb8a6cc50c270 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 4.2EPSS: 0%CPEs: 2EXPL: 0

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. El archivo drivers/video/fbdev/smscufx.c en el kernel de Linux versiones hasta 5.19.12, presenta una condición de carrera y un uso de memoria previamente liberada resultante si un atacante físicamente cercano elimina un dispositivo USB mientras llama a open(), también se conoce como una condición de carrera entre ufx_ops_open y ufx_usb_disconnect • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5610bcfe8693c02e2e4c8b31427f1bdbdecc839c https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://lore.kernel.org/all/20220925133243.GA383897%40ubuntu/T • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •