Page 779 of 4589 results (0.019 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=07db5e247ab5858439b14dd7cc1fe538b9efcf32 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. Se encontró una falla en el código de registro de búfer fijo para io_uring (io_sqe_buffer_register en io_uring/rsrc.c) en el kernel de Linux que permite el acceso fuera de los límites a la memoria física más allá del final del búfer. Esta falla permite la escalada completa de privilegios locales. • https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598 https://github.com/cainiao159357/CVE-2023-2598 http://www.openwall.com/lists/oss-security/2024/04/24/3 https://security.netapp.com/advisory/ntap-20230703-0006 https://www.openwall.com/lists/oss-security/2023/05/08/3 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible. A known cache speculation vulnerability, the Branch History Injection (BHI) or Spectre-BHB, was found in new hw (that are cores Cortex: A57, A72, A76, A77, A78, A78AE, A78C, A710, X1, X2; Neoverse: N1, N2, V1; Ampere1). • https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8 https://access.redhat.com/security/cve/CVE-2023-3006 https://bugzilla.redhat.com/show_bug.cgi?id=2141026 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-226: Sensitive Information in Resource Not Removed Before Reuse •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectura fuera de límites en crc16 en "lib/crc16.c" cuando se llama dese "fs/ext4/super.c" porque "ext4_group_desc_csum" no comprueba correctamente un desplazamiento. • https://bugzilla.suse.com/show_bug.cgi?id=1211895 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321 • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a v6.2. El subsistema "ntfs3" no comprueba correctamente la corrección durante las lecturas de disco, lo que provoca una lectura fuera de los límites en "ntfs_set_ea" en "fs/ntfs3/xattr.c". • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b https://security.netapp.com/advisory/ntap-20230703-0004 https://syzkaller.appspot.com/bug?extid=8778f030156c6cd16d72 • CWE-125: Out-of-bounds Read •