Page 582 of 3012 results (0.019 seconds)

CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0

An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device. Se descubrió un problema en el kernel de Linux hasta la versión 6.0.9. drivers/char/xillybus/xillyusb.c tiene una condición de carrera y uso después de la liberación durante la extracción física de un dispositivo USB. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=282a4b71816b6076029017a7bab3a9dcee12a920 https://lore.kernel.org/all/20221022175404.GA375335%40ubuntu https://security.netapp.com/advisory/ntap-20230113-0006 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. Se descubrió un problema en el kernel de Linux hasta la versión 6.0.9. drivers/media/dvb-core/dvb_frontend.c tiene una condición de carrera que puede provocar un use-after-free cuando se desconecta un dispositivo. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6769a0b7ee0c3b31e1b22c3fadff2bfb642de23f https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel%40gmail.com https://security.netapp.com/advisory/ntap-20230113-0006 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 4.7EPSS: 0%CPEs: 11EXPL: 0

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. Se descubrió un problema en el kernel de Linux hasta la versión 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c tiene una pérdida de memoria debido a la falta de una llamada dvb_frontend_detach. A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a denial of service condition. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=517a281338322ff8293f988771c98aaa7205e457 https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel%40gmail.com https://security.netapp.com/advisory/ntap-20230113-0006 https://access.redhat.com/security/cve/CVE-2022-45887 https://bugzilla.redhat.com/show_bug.cgi?id=2148520 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url Existen vulnerabilidades de use-after-free en las funciones l2cap_connect y l2cap_le_connect_req del kernel de Linux net/bluetooth/l2cap_core.c que pueden permitir la ejecución de código y la pérdida de memoria del kernel (respectivamente) de forma remota a través de Bluetooth. Un atacante remoto podría ejecutar código que filtre la memoria del kernel a través de Bluetooth si se encuentra cerca de la víctima. Recomendamos actualizar al commit anterior https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Bluetooth if within proximity of the victim. • https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://kernel.dance/#711f8c3fb3db61897080468586b970c87c61d9e4 https://access.redhat.com/security/cve/CVE-2022-42896 https://bugzilla.redhat.com/show_bug.cgi?id=2147364 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 La vulnerabilidad de Use After Free en el kernel de Linux permite la escalada de privilegios. Una actualización incorrecta del recuento de referencias en io_uring conduce a un use-after-free y escalada de privilegios locales. Cuando se invocó io_msg_ring con un archivo fijo, llamó a io_fput_file(), lo que disminuyó incorrectamente su recuento de referencias (lo que llevó a Use-After-Free y Escalada de privilegios locales). • https://github.com/veritas501/CVE-2022-3910 https://github.com/TLD1027/CVE-2022-3910 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://kernel.dance/#fc7222c3a9f56271fba02aabbfbae999042f1679 • CWE-416: Use After Free •