Page 531 of 5146 results (0.028 seconds)

CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://bugzilla.kernel.org/show_bug.cgi?id=206361 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200924-0004 https://usn.ubuntu.com/4342-1 https://usn.ubuntu.com/4344-1 https://usn.ubuntu.com/4345-1 • CWE-416: Use After Free •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 1

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función vgacon_invert_region en el archivo drivers/video/console/vgacon.c. A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console. An out-of-bounds read can occur, leaking information to the console. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html https://bugzilla.kernel.org/show_bug.cgi?id=206357 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://www.debian.org/security/2020/dsa-4698 https://access.redhat.com/security/cve/CVE-2020-8649 https://bugzilla.redhat.com/show_bug.cgi?id=1802555 • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 1

The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls. La corrección para el CVE-2019-11599, que afectaba al kernel de Linux versiones anteriores a 5.0.10, no estaba completa. Un usuario local podría usar este fallo para conseguir infomación confidencial, causar una denegación de servicio o posiblemente tener otros impactos no especificados al desencadenar una condición de carrera on llamadas de mmget_not_zero o get_task_mm. The fix for CVE-2019-11599 was not complete. • https://bugs.chromium.org/p/project-zero/issues/detail?id=1790 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14898 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://security.netapp.com/advisory/ntap-20200608-0001 https://www.oracle.com/security-alerts/cpuApr2021.html https://access.redhat.com/security/cve/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out. En un Linux KVM invitado que posee PV TLB habilitado, un proceso en el kernel invitado puede ser capaz de leer ubicaciones de memoria de otro proceso en el mismo invitado. Este problema se limita al host que ejecuta Linux Kernel versión 4.10 con un invitado que ejecuta Linux Kernel versión 4.16 o posterior. • http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html http://www.openwall.com/lists/oss-security/2020/01/30/4 https://bugzilla.redhat.com/show_bug.cgi?id=1792167 https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7 https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589 https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed. El archivo fs/namei.c en el kernel de Linux versiones anteriores a 5.5, presenta una vulnerabilidad de uso de la memoria previamente liberada en la función may_create_in_sticky, que permite a usuarios locales causar una denegación de servicio (OOPS) u obtener información confidencial de la memoria del kernel, también se conoce como CID-d0cb50185ae9. Un vector de ataque puede ser una llamada de sistema abierta para un socket del dominio UNIX, si el socket está siendo movido hacia un nuevo directorio padre y su antiguo directorio padre está siendo eliminado. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html http://www.openwall.com/lists/oss-security/2020/01/28/4 http://www.openwall.com/lists/oss-security/2020/02/02/1 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d0cb50185ae942b03c4327be322055d622dc79f6 https://github.com/torvalds/linux/commit/d0cb50185ae942b03c4327be322055d622dc79f6 https://lists.debian.org/deb • CWE-416: Use After Free •