Page 702 of 3730 results (0.016 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. En el kernel de Linux versiones anteriores a 4.17, la función hns_roce_alloc_ucontext en el archivo drivers/infiniband/hw/hns/hns_roce_main.c no inicializa la estructura de datos resp, lo que podría permitir a atacantes obtener información confidencial de la memoria de la pila del kernel, también se conoce como CID-df7e40425813. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df7e40425813c50cd252e6f5e348a81ef1acae56 https://github.com/torvalds/linux/commit/df7e40425813c50cd252e6f5e348a81ef1acae56 • CWE-665: Improper Initialization •

CVSS: 9.8EPSS: 1%CPEs: 13EXPL: 1

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. Se detectó un problema en el archivo net/wireless/nl80211.c en el kernel de Linux versiones hasta 5.2.17. No comprueba la longitud de los elementos variables en un beacon head, lo que provoca un desbordamiento del búfer. A flaw in the Linux kernel's WiFi beacon validation code was discovered. • https://github.com/uthrasri/CVE-2019-16746 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorap • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. En el kernel de Linux versiones anteriores a 5.2.14, la función rds6_inc_info_copy en el archivo net/rds/recv.c permite a atacantes obtener información confidencial de la memoria de la pila del kernel porque los campos tos y flags no están inicializados. • http://www.openwall.com/lists/oss-security/2019/09/24/2 http://www.openwall.com/lists/oss-security/2019/09/25/1 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14 https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736 https://security.netapp.com/advisory/ntap-20191031-0005 https://support.f5.com/csp/article/K48351130?utm_source=f5support&amp%3Butm_medium=RSS https://usn.ubuntu.com/4157-1 https://usn.ubuntu.com/4157-2 • CWE-909: Missing Initialization of Resource •

CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 3

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario. A flaw was found in the Linux kernel’s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/08/28/1 https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0328&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.0EPSS: 0%CPEs: 88EXPL: 3

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento del búfer en la región heap de la memoria en el kernel, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario. A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This flaw affects the network interface at the most basic level meaning the attacker only needs to affiliate with the same network device as the vulnerable system to create an attack path. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/08/28/1 https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0204&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •