Page 556 of 5146 results (0.026 seconds)

CVSS: 7.0EPSS: 0%CPEs: 31EXPL: 3

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free. • https://github.com/sanjana123-cloud/CVE-2019-18683 http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/11/05/1 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lore.kernel.org/lkml/20191103221719.27118-1-alex.popov%40linux.com https://seclists.org/bugtraq/2020/Jan/10 https://security.net • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0. Se detectó un problema en el kernel de Linux versiones 4.4.x anteriores a 4.4.195. Se presenta una desreferencia del puntero NULL en la función rds_tcp_kill_sock() en el archivo net/rds/tcp.c que causará una denegación de servicio, también se conoce como CID-91573ae4aed0. • https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.195 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=91573ae4aed0a49660abdad4d42f2a0db995ee5e https://github.com/torvalds/linux/commit/91573ae4aed0a49660abdad4d42f2a0db995ee5e https://lkml.org/lkml/2019/9/18/337 https://security.netapp.com/advisory/ntap-20191205-0001 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'. ovirt-engine versión 3.2, ejecutado sobre el kernel de Linux versiones 3.1 y posteriores, crea determinados archivos de tipo world-writeable debido a un cambio de kernel ascendente que impactó cómo opera la función os.chmod() de python cuando pasó a un modo de "-1". • https://access.redhat.com/security/cve/cve-2013-4367 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0

A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Se encontró una vulnerabilidad en Linux Kernel, donde se encontró un desbordamiento de pila en la función mwifiex_set_wmm_params () del controlador Marvell Wifi. A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. • https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/security/cve/cve-2019-14815 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815 https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com https:&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 1

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. En la función rtl_p2p_noa_ie en el archivo drivers/net/wireless/realtek/rtlwifi/ps.c en el kernel de Linux versiones hasta 5.3.6, carece de una cierta comprobación de límite superior, lo que conlleva a un desbordamiento del búfer. A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as "Notice of Absence" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet. • https://github.com/uthrasri/CVE-2019-17666 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0740 https://arstechnica.com/information-technology/2019/10&# • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •