In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling complete(). This seems more logical in the first place, as it's the inverse order of what the submitting thread will do.
Max CVSS
4.7
EPSS Score
0.04%
Published
2024-02-21
Updated
2024-03-14
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touching already freed data. Try to avoid the locking and extra flags altogether. Have the main thread hold an extra reference, this way we can depend solely on the atomic ref counter for synchronization. Don't futz with reiniting the completion, either, we are now tightly controlling when completion fires.
Max CVSS
4.7
EPSS Score
0.04%
Published
2024-02-21
Updated
2024-03-15
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.
Max CVSS
4.8
EPSS Score
0.04%
Published
2024-02-05
Updated
2024-02-10
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.
Max CVSS
4.3
EPSS Score
0.04%
Published
2023-11-03
Updated
2024-03-25
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-10-29
Updated
2024-01-11
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-09-28
Updated
2023-10-24
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
Max CVSS
4.4
EPSS Score
0.05%
Published
2023-10-09
Updated
2024-01-11
An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.
Max CVSS
4.6
EPSS Score
0.05%
Published
2023-07-06
Updated
2024-03-25
Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn't use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn't block further readers to get the lock).
Max CVSS
4.9
EPSS Score
0.05%
Published
2024-01-05
Updated
2024-01-11
An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-05-22
Updated
2023-05-26
The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-05-21
Updated
2024-03-25
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-04-24
Updated
2024-03-25
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-02-25
Updated
2023-05-03
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
Max CVSS
4.6
EPSS Score
0.07%
Published
2023-02-02
Updated
2024-03-25
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.
Max CVSS
4.0
EPSS Score
0.04%
Published
2023-03-01
Updated
2023-08-29
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.
Max CVSS
4.2
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.
Max CVSS
4.0
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-08-07
Updated
2023-08-09
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-04-06
Updated
2023-04-12
674 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!