Page 536 of 3164 results (0.020 seconds)

CVSS: 4.1EPSS: 0%CPEs: 11EXPL: 2

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo en el kernel de Linux. • https://bugzilla.redhat.com/show_bug.cgi?id=1888726 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html https://lkml.org/lkml/2020/10/16/84 https://lkml.org/lkml/2020/10/29/528 https://www.starwindsoftware.com/security/sw-20210325-0006 https://access.redhat.com/security/cve/CVE-2020-25656 • CWE-416: Use After Free •

CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.2.6. En los sistemas NUMA, el programador fair de Linux presenta un uso de la memoria previamente liberada en la función show_numa_stats() porque las estadísticas de fallo de NUMA son liberadas inapropiadamente, también se conoce como CID-16d51a590a8c A flaw was found in the Linux kernel’s implementation of displaying NUMA statistics, where displaying the scheduler statistics could trigger a use-after-free in show_numa_stats() and display the kernel memory to userspace. The highest threat from this vulnerability is to system availability. • https://bugs.chromium.org/p/project-zero/issues/detail?id=1913 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16d51a590a8ce3befb1308e0e7ab77f3b661af33 https://access.redhat.com/security/cve/CVE-2019-20934 https://bugzilla.redhat.com/show_bug.cgi?id=1902788 • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 1

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. Se detectó un problema en la función __split_huge_pmd en el archivo mm/huge_memory.c en el kernel de Linux versiones anteriores a 5.7.5. La implementación copy-on-write puede otorgar acceso de escritura no previsto debido a una condición de carrera en una comprobación de conteo de mapas THP, también se conoce como CID-c444eb564fb1 An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2045 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040 https://security.netapp.com/advisory/ntap-20210108-0002 https://access.redhat.com/security/cve/CVE-2020-29368 https://bugzilla.redhat.com/show_bug.cgi?id=1903244 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 1

An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe. Se detectó un problema en el archivo mm/mmap.c en el kernel de Linux versiones anteriores a 5.7.11. Se presenta una condición de carrera entre determinadas funciones expand (expand_downwards y expand_upwards) y operaciones de liberación de page-table de una llamada munmap, también se conoce como CID-246c320a8cfe • http://www.openwall.com/lists/oss-security/2021/02/10/6 http://www.openwall.com/lists/oss-security/2021/02/19/8 https://bugs.chromium.org/p/project-zero/issues/detail?id=2056 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=246c320a8cfe0b11d81a4af38fa9985ef0cc9a4c https://security.netapp.com/advisory/ntap-20210115-0001 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. Se detectó un problema en la función kmem_cache_alloc_bulk en el archivo mm/slub.c en el kernel de Linux versiones anteriores a 5.5.11. La slowpath carece del incremento de TID requerido, también se conoce como CID-fd4d9c7d0c71 • https://bugs.chromium.org/p/project-zero/issues/detail?id=2022 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fd4d9c7d0c71866ec0c2825189ebd2ce35bd95b8 https://security.netapp.com/advisory/ntap-20201218-0001 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •