Page 725 of 4182 results (0.020 seconds)

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support. Se detectó una escalada de privilegios local en el kernel de Linux versiones anteriores a 5.10.13. Múltiples condiciones de carrera en la implementación de AF_VSOCK son causadas mediante un bloqueo incorrecto en el archivo net/vmw_vsock / af_vsock.c. • https://github.com/azpema/CVE-2021-26708 http://www.openwall.com/lists/oss-security/2021/02/05/6 http://www.openwall.com/lists/oss-security/2021/04/09/2 http://www.openwall.com/lists/oss-security/2022/01/25/14 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.13 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c518adafa39f37858697ac9309c6cf1805581446 https://security.netapp.com/advisory/ntap-20210312-0008 https://www.openwall • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. En la función nbd_add_socket en el archivo drivers/block/nbd.c en el kernel de Linux versiones hasta 5.10.12, presenta un uso de la memoria previamente liberada de ndb_queue_rq que podría ser desencadenado por atacantes locales (con acceso al dispositivo nbd) por medio de una petición de E/S en un punto determinado durante la configuración del dispositivo, también se conoce como CID-b98e762e3d71 A use after free flaw in the Linux kernel network block device (NBD) subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup. • http://www.openwall.com/lists/oss-security/2021/02/01/1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b98e762e3d71e893b221f871825dc64694cfb258 https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://www.openwall.com/lists/oss-security/2021/01/28/3 https://access.redhat.com/security/cve/CVE-2021-3348 https://bugzilla.redhat.com/show_bug.cgi?id=1921958 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. Se detectó un problema en el kernel de Linux versiones hasta 5.10.11. Los futexes de PI presentan un uso de la memoria previamente liberada de la pila del kernel durante el manejo de fallos, permitiendo a usuarios locales ejecutar código en el kernel, también se conoce como CID-34b1a1ce1458 A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. • http://www.openwall.com/lists/oss-security/2021/01/29/4 http://www.openwall.com/lists/oss-security/2021/01/29/5 http://www.openwall.com/lists/oss-security/2021/02/01/4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 2

A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. Se encontró una vulnerabilidad en el Kernel de Linux donde la función sunkbd_reinit habiendo sido programada por la función sunkbd_interrupt antes de que sunkbd fuera liberada. Aunque el puntero colgante está establecido en NULL en la función sunkbd_disconnect, todavía se presenta un alias en sunkbd_reinit causando un Uso de la Memoria Previamente Liberada • http://www.openwall.com/lists/oss-security/2020/11/05/2 http://www.openwall.com/lists/oss-security/2020/11/20/5 https://github.com/torvalds/linux/commit/77e70d351db7de07a46ac49b87a6c3c7a60fca7e https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html https://security.netapp.com/advisory/ntap-20210702-0006 https://www.openwall.com/lists/oss-security/2020/11/05/2%2C https://www.openwall.com/lists/oss- • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior ** EN DISPUTA ** en el archivo fs/nfsd/nfs3xdr.c en el kernel de Linux versiones hasta 5.10.8, cuando se presenta una exportación NFS de un subdirectorio de un sistema de archivos, permite a atacantes remotos saltar otras partes del sistema de archivos por medio de READDIRPLUS. NOTA: algunas terceros argumentan que tal exportación de subdirectorios no intenta impedir este ataque; véase también el comportamiento predeterminado de no_subtree_check de exports(5) • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6 https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5SGB7TNDVQEOJ7NVTGX56UWHDNQM5TRC https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652%40fieldses.org • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •