Page 554 of 2974 results (0.019 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectura fuera de límites en crc16 en "lib/crc16.c" cuando se llama dese "fs/ext4/super.c" porque "ext4_group_desc_csum" no comprueba correctamente un desplazamiento. • https://bugzilla.suse.com/show_bug.cgi?id=1211895 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321 • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a v6.2. El subsistema "ntfs3" no comprueba correctamente la corrección durante las lecturas de disco, lo que provoca una lectura fuera de los límites en "ntfs_set_ea" en "fs/ntfs3/xattr.c". • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b https://security.netapp.com/advisory/ntap-20230703-0004 https://syzkaller.appspot.com/bug?extid=8778f030156c6cd16d72 • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. • https://github.com/lrh2000/CVE-2023-2002 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240202-0004 https://www.debian.org/security/2023/dsa-5480 https://www.openwall.com/lists/oss-security/2023/04/16/3 https://access.redhat.com/security/cve/CVE-2023-2002 https://bugzilla.redhat.com/show_bug.cgi?id=2187308 • CWE-250: Execution with Unnecessary Privileges CWE-863: Incorrect Authorization •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=47c29d69212911f50bdcdd0564b5999a559010d4 https://github.com/torvalds/linux/commit/47c29d69212911f50bdcdd0564b5999a559010d4 https://lore.kernel.org/all/CAHk-=whcaHLNpb7Mu_QX7ABwPgyRyfW-V8=v4Mv0S22fpjY4JQ%40mail.gmail.com https://lore.kernel.org/lkml/20230309174728.233732-1-zyytlz.wz%40163.com • CWE-416: Use After Free •

CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0

The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. • https://bugzilla.suse.com/show_bug.cgi?id=1211597 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=804ca14d04df09bf7924bacc5ad22a4bed80c94f https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dbe245cdf5189e88d680379ed13901356628b650 https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T https://security.netapp.com/advisory/ntap-20230622-0006 • CWE-416: Use After Free •