Page 629 of 3590 results (0.017 seconds)

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. Se descubrió un problema en ksmbd en el kernel de Linux 5.15 a 5.19 anterior a 5.19.2. Hay un desbordamiento de búfer en la región Heap de la memoria en set_ntacl_dacl, relacionado con el uso de SMB2_QUERY_INFO_HE después de un comando SMB2_SET_INFO_HE con formato incorrecto. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f0541186e9ad1b62accc9519cc2b7a7240272a7 https://github.com/torvalds/linux/commit/8f0541186e9ad1b62accc9519cc2b7a7240272a7 https://www.zerodayinitiative.com/advisories/ZDI-22-1688 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Se encontró un fallo en el control de acceso incorrecto en el subsistema central USB del kernel de Linux en la forma en que el usuario conecta el dispositivo USB. Un usuario local podría utilizar este fallo para bloquear el sistema. An incorrect access control flaw was found in the Linux kernel USB core subsystem. • https://lore.kernel.org/all/20220913140355.910732567%40linuxfoundation.org https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com https://access.redhat.com/security/cve/CVE-2022-4662 https://bugzilla.redhat.com/show_bug.cgi?id=2155788 • CWE-455: Non-exit on Failed Initialization •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the kernel. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf6531d98190fa2cf92a6d8bbc8af0a4740a223c https://github.com/torvalds/linux/commit/cf6531d98190fa2cf92a6d8bbc8af0a4740a223c https://www.secpod.com/blog/zero-day-server-message-block-smb-server-in-linux-kernel-5-15-has-a-critical-vulnerability-patch-ksmbd-immediately https://www.zerodayinitiative.com/advisories/ZDI- • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT. Se descubrió un problema en ksmbd en el kernel de Linux 5.15 a 5.19 anterior a 5.19.2. fs/ksmbd/smb2misc.c tiene una lectura fuera de los límites y OOPS para SMB2_TREE_CONNECT. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of SMB2_TREE_CONNECT commands. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=824d4f64c20093275f72fc8101394d75ff6a249e https://github.com/torvalds/linux/commit/824d4f64c20093275f72fc8101394d75ff6a249e https://www.zerodayinitiative.com/advisories/ZDI-22-1689 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de IEEE80211_P2P_ATTR_OPER_CHANNEL en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico WILC1000 puede desencadenar una escritura fuera de los límites al analizar el atributo de lista de canales de los marcos de administración de Wi-Fi. • https://github.com/torvalds/linux/commit/051ae669e4505abbe05165bebf6be7922de11f41 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lore.kernel.org/r/20221123153543.8568-3-philipturnbull%40github.com https://security.netapp.com/advisory/ntap-20230113-0007 • CWE-787: Out-of-bounds Write •