Page 646 of 3446 results (0.028 seconds)

CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case. Se descubrió un problema en ksmbd en el kernel de Linux 5.15 a 5.19 anterior a 5.19.2. Hay una lectura fuera de los límites y OOPS para SMB2_WRITE, cuando hay una longitud grande en el caso de DataOffset cero. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac60778b87e45576d7bfdbd6f53df902654e6f09 https://github.com/torvalds/linux/commit/ac60778b87e45576d7bfdbd6f53df902654e6f09 https://security.netapp.com/advisory/ntap-20230216-0006 https://www.zerodayinitiative.com/advisories/ZDI-22-1691 • CWE-125: Out-of-bounds Read •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6 https://github.com/torvalds/linux/commit/158a66b245739e15858de42c0ba60fcf3de9b8e6 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SMB2_NEGOTIATE commands. The issue results from the lack of memory release after its effective lifetime. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa7253c2393f6dcd6a1468b0792f6da76edad917 https://github.com/torvalds/linux/commit/aa7253c2393f6dcd6a1468b0792f6da76edad917 https://www.zerodayinitiative.com/advisories/ZDI-22-1687 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. Se descubrió un problema en ksmbd en el kernel de Linux 5.15 a 5.19 anterior a 5.19.2. Hay un desbordamiento de búfer en la región Heap de la memoria en set_ntacl_dacl, relacionado con el uso de SMB2_QUERY_INFO_HE después de un comando SMB2_SET_INFO_HE con formato incorrecto. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. • http://www.openwall.com/lists/oss-security/2022/12/23/10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f0541186e9ad1b62accc9519cc2b7a7240272a7 https://github.com/torvalds/linux/commit/8f0541186e9ad1b62accc9519cc2b7a7240272a7 https://www.zerodayinitiative.com/advisories/ZDI-22-1688 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Se encontró un fallo en el control de acceso incorrecto en el subsistema central USB del kernel de Linux en la forma en que el usuario conecta el dispositivo USB. Un usuario local podría utilizar este fallo para bloquear el sistema. An incorrect access control flaw was found in the Linux kernel USB core subsystem. • https://lore.kernel.org/all/20220913140355.910732567%40linuxfoundation.org https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com https://access.redhat.com/security/cve/CVE-2022-4662 https://bugzilla.redhat.com/show_bug.cgi?id=2155788 • CWE-455: Non-exit on Failed Initialization •