Page 609 of 3385 results (0.026 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. La función rpmsg_probe en el archivo drivers/rpmsg/virtio_rpmsg_bus.c en el kernel de Linux versiones anteriores a 5.18.4, presenta una doble liberación • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.4 https://github.com/torvalds/linux/commit/c2eecefec5df1306eafce28ccdf1ca159a552ecc • CWE-415: Double Free •

CVSS: 7.4EPSS: 0%CPEs: 14EXPL: 0

A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. Se ha encontrado una condición de carrera en el kernel de Linux en la función perf_event_open() que puede ser explotada por un usuario no privilegiado para conseguir privilegios de root. El bug permite construir varias primitivas de explotación como un filtrado de información de direcciones del kernel, una ejecución arbitraria, etc A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERF_TYPE_TRACEPOINT and sub PERF_EVENT_HARDWARE plus the PERF_EVENT_SOFTWARE using the perf_event_open() function with these three types. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704 https://security.netapp.com/advisory/ntap-20230214-0006 https://www.openwall.com/lists/oss-security/2022/05/20/2 https://access.redhat.com/security/cve/CVE-2022-1729 https://bugzilla.redhat.com/show_bug.cgi?id=2086753 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •

CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 1

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. El archivo drivers/block/floppy.c en el kernel de Linux versiones anteriores a 5.17.6, es vulnerable a una denegación de servicio, debido a un fallo de uso de concurrencia después de la asignación de raw_cmd en la función raw_cmd_ioctl • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.6 https://exchange.xforce.ibmcloud.com/vulnerabilities/225362 https://github.com/torvalds/linux/commit/233087ca063686964a53c829d547c7571e3f67bf https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://seclists.org/oss-sec/2022/q2/66 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.3, en plataformas powerpc de 32 bits. Se presenta un desbordamiento de búfer en ptrace PEEKUSER y POKEUSER (también conocidos como PEEKUSR y POKEUSR) cuando es accedido a los registros de punto flotante • http://www.openwall.com/lists/oss-security/2022/06/14/3 https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=8e1278444446fc97778a5e5c99bca1ce0bbc5ec9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Se ha encontrado un uso de memoria previamente liberada en la funcionalidad de notificación del sistema de archivos del kernel de Linux en la forma en que el usuario activa la llamada copy_info_records_to_user() para fallar en copy_event_to_user(). Un usuario local podría usar este fallo para bloquear el sistema o potencialmente escalar sus privilegios en el sistema A use-after-free flaw was found in the Linux kernel’s File System notify functionality in the way a user triggers the copy_info_records_to_user() function call to fail in copy_event_to_user(). This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/notify/fanotify/fanotify_user.c?h=v5.17&id=ee12595147ac1fbfb5bcb23837e26dd58d94b15d https://seclists.org/oss-sec/2022/q1/99 https://security.netapp.com/advisory/ntap-20220707-0009 https://access.redhat.com/security/cve/CVE-2022-1998 https://bugzilla.redhat.com/show_bug.cgi?id=2052312 • CWE-416: Use After Free •