Latest Linux Vulnerabilities

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
Linux Linux kernel<=6.7.4
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
Linux Linux kernel<=6.7.4
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl...
Linux Linux kernel<5.10.210
Linux Linux kernel>=5.11.0<5.15.149
Linux Linux kernel>=5.16.0<6.1.79
Linux Linux kernel>=6.2.0<6.6.18
Linux Linux kernel>=6.7.0<6.7.6
Fedoraproject Fedora=38
and 1 more
Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()
Linux Linux kernel<=2.6.11
Linux Linux kernel>=6.0<=6.7.2
Linux Linux kernel=2.6.12-rc1
Linux Linux kernel=6.8-rc1
Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()
Linux Linux kernel<=3.19.8
Linux Linux kernel>=6.0<=6.7.2
Linux Linux kernel=6.8-rc1
Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
Linux Linux kernel<=3.19.8
Linux Linux kernel>=6.0<=6.7.2
Linux Linux kernel=6.8-rc1
Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
Linux Linux kernel<=3.19.8
Linux Linux kernel>=6.0<=6.7.2
Linux Linux kernel=6.8-rc1
Race condition vulnerability in Linux kernel bluetooth driver in {min,max}_key_size_set()
Linux Linux kernel<=5.5.19
Linux Linux kernel>=6.0<=6.7.2
Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()
Linux Linux kernel<=3.0.101
Linux Linux kernel>=6.0<=6.7.2
Linux Linux kernel=3.1-rc1
Linux Linux kernel=6.8-rc1
Race condition vulnerability in Linux kernel scsi device driver lpfc_unregister_fcf_rescan()
Linux Linux kernel<=2.6.33.20
Linux Linux kernel>=6.0<=6.4.16
Linux Linux kernel=2.6.34-rc1
Linux Linux kernel=6.5-rc1
Race condition vulnerability in Linux kernel sound/hda snd_hdac_regmap_sync
Linux Linux kernel<=5.5.19
Linux Linux kernel>=6.0<=6.4.16
Race condition vulnerability in Linux kernel drm/exynos exynos_drm_crtc_atomic_disable
Linux Linux kernel<=4.10.17
Linux Linux kernel>=6.0<=6.5.13
Use-after-free in Linux kernel's netfilter: nf_tables component
Linux Linux kernel>=3.15<6.1.76
Linux Linux kernel>=6.2<6.6.15
Linux Linux kernel>=6.7<6.7.3
Linux Linux kernel=6.8-rc1
redhat/kernel<6.8
Use-after-free in Linux kernel's netfilter: nf_tables component
Linux Linux kernel>=5.13<5.15.148
Linux Linux kernel>=5.16<6.1.75
Linux Linux kernel>=6.2<6.6.14
Linux Linux kernel>=6.7<6.7.2
redhat/kernel<6.8
Possible UAF in bt_accept_poll in Linux kernel
Linux Linux kernel>=2.6.12.1<6.8
Linux Linux kernel=2.6.12-rc2
Linux Linux kernel=2.6.12-rc3
Linux Linux kernel=2.6.12-rc4
Linux Linux kernel=2.6.12-rc5
Linux Linux kernel=2.6.12-rc6
XML External Entity (XXE) Processing
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Unauthenticated Access to AppBuilder Configuration Files
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Java Database Connectivity (JDBC) URL Manipulation
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Command Injection via Task Scheduler
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Unauthenticated Arbitrary File Read
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
NULL pointer deference in rfcomm_check_security in Linux kernel
Linux Linux kernel=2.6.12-rc2
Integer overflow in raid5_cache_count in Linux kernel
Linux Linux kernel>=4.1<=6.7.2
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.
Linux Linux kernel<6.5.9
debian/linux<=4.19.249-2
ubuntu/linux<5.4.0-171.189
ubuntu/linux<6.6~
ubuntu/linux-hwe<6.6~
ubuntu/linux-hwe-5.4<6.6~
and 68 more
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related t...
Linux Linux kernel<=6.7.1
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.
Linux Linux kernel<6.4.5
redhat/Kernel<6.5
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship...
Linux Linux kernel<6.6.10
Linux Linux kernel=6.7-rc1
Linux Linux kernel=6.7-rc2
Linux Linux kernel=6.7-rc3
Linux Linux kernel=6.7-rc4
Linux Linux kernel=6.7-rc5
and 4 more
High Fixes in Linux KernelHigh Fixes CVE-2023-6931 in Linux KernelHigh Fixes CVE-2023-6817 in Linux KernelHigh Fixes CVE-2023-46813 in Linux KernelHigh Fixes CVE-2023-6932 in Linux Kernel
Linux Linux kernel<6.4.12
redhat/Kernel<6.5
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.
Linux Linux kernel<=6.7.1
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
Linux Linux kernel<=6.7.1
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted ...
Linux Linux kernel<=6.7.1
Linux: netback processing of zero-length transmit fragment
Linux Linux kernel>=4.14<6.7
Fedoraproject Fedora=38
Fedoraproject Fedora=39
IBM Storage Protect Plus Server information disclosure
IBM Storage Protect Plus vSnap<=10.1
IBM Spectrum Protect Plus>=10.1.0<10.1.15.3
Linux Linux kernel
Kernel: use-after-free while changing the mount option in __ext4_remount leading
redhat/Kernel<6.4
Linux Linux kernel<6.4
Linux Linux kernel=6.4-rc1
Redhat Enterprise Linux=9.0
Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos
redhat/Kernel<6.5
Linux Linux kernel<=6.4.16
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke
redhat/Kernel<6.6
Linux Linux kernel<6.6
Linux Linux kernel=6.6-rc1
Linux Linux kernel=6.6-rc2
Linux Linux kernel=6.6-rc3
Linux Linux kernel=6.6-rc4
and 94 more
Kernel: nf_tables: pointer math issue in nft_byteorder_eval()
Linux Linux kernel<6.7
Linux Linux kernel=6.7-rc1
Fedoraproject Fedora=39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/kernel<6.7
and 55 more
Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
Missing Password Field Masking Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
IBM OpenPages with Watson privilege escalation
IBM OpenPages with Watson<=9.0
IBM OpenPages with Watson<=IBM OpenPages with Watson 8.3
IBM OpenPages with Watson>=8.3<8.3.0.2.7
IBM OpenPages with Watson=9.0
Linux Linux kernel
Microsoft Windows
IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson<=9.0
IBM OpenPages with Watson<=IBM OpenPages with Watson 8.3
IBM OpenPages with Watson>=8.3<8.3.0.2.7
IBM OpenPages with Watson=9.0
Linux Linux kernel
Microsoft Windows
IBM Sterling Control Center directory traversal
IBM Sterling Control Center<=6.3.0
IBM Sterling Control Center=6.3.0
IBM AIX
Ibm Linux On Ibm Z
Linux Linux kernel
Microsoft Windows
Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication
Linux Linux kernel>=4.4.0-96.119<=5.15.0-58
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
redhat/kernel<6.0
Linux Linux kernel<6.0
Linux Linux kernel=6.0-rc1
Linux Linux kernel=6.0-rc2
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client
Linux Linux kernel<6.7
Linux Linux kernel=6.7-rc1
Linux Linux kernel=6.7-rc2
Linux Linux kernel=6.7-rc3
Linux Linux kernel=6.7-rc4
Linux Linux kernel=6.7-rc5
and 51 more
NVIDIA Triton Inference Server<2.40
Linux Linux kernel
Microsoft Windows
An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an...
Linux Linux kernel<5.17.10
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)
Linux Linux kernel<=5.17
ubuntu/linux<5.18~
ubuntu/linux<5.4.0-170.188
ubuntu/linux<5.15.0-92.102
ubuntu/linux-hwe<5.18~
ubuntu/linux-hwe-5.4<5.18~
and 92 more
Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
Linux Linux kernel>=6.2<6.4
Linux Linux kernel=6.4-rc1
Linux Linux kernel=6.4-rc2
Linux Linux kernel=6.4-rc3
Linux Linux kernel=6.4-rc4
Linux Linux kernel=6.4-rc5
and 4 more
Kernel: information disclosure in vhost/vhost.c:vhost_new_msg()
Linux Linux kernel<6.4
Linux Linux kernel=6.4-rc1
Linux Linux kernel=6.4-rc2
Linux Linux kernel=6.4-rc3
Linux Linux kernel=6.4-rc4
Linux Linux kernel=6.4-rc5
and 1 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203