Page 719 of 4513 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. Se descubrió un problema en fl_set_geneve_opt en net/sched/cls_flower.c en el kernel de Linux antes de 6.3.7. Permite una escritura fuera de los límites en el código flower classifier a través de paquetes TCA_FLOWER_KEY_ENC_OPTS_GENEVE. • http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html http://www.openwall.com/lists/oss-security/2023/06/17/1 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7 https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20230714-0002 https://www.debian& • CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43ec16f1450f4936025a9bdf1a273affdb9732c1 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc%40wangsu.com/T https://security.netapp.com/advisory/ntap-20230824-0006 https://www.debian.org/security/ • CWE-125: Out-of-bounds Read •

CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0

A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails. • https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font->width and font->height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2213485 https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be https://access.redhat.com/security/cve/CVE-2023-3161 • CWE-682: Incorrect Calculation CWE-1335: Incorrect Bitwise Shift of Integer •

CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t https://security.netapp.com/advisory/ntap-20230706-0004 https://access.redhat.com • CWE-416: Use After Free •