what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2022-0617

Status Candidate

Overview

A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

Related Files

Ubuntu Security Notice USN-6014-1
Posted Apr 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-28713, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617
SHA-256 | b35ca435930e16fd5c80695ace0a0339c873cee40fdedf7c96c3a446b1a7ff00
Ubuntu Security Notice USN-6013-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617, CVE-2022-1016
SHA-256 | a9c225928b1c28bf90c101180a361e5db4576ba6b23acb6d2f68a5da43566ceb
Ubuntu Security Notice USN-6001-1
Posted Apr 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6001-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-28713, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617
SHA-256 | 41aeeefd2d4b93824f7651b99bd053dcc55a7bddef73bc96c89bc61e6121be0c
Red Hat Security Advisory 2022-9040-01
Posted Dec 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9040-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2020-36516, CVE-2020-36558, CVE-2021-30002, CVE-2021-3640, CVE-2022-0168, CVE-2022-0561, CVE-2022-0562, CVE-2022-0617, CVE-2022-0854, CVE-2022-0865, CVE-2022-0891, CVE-2022-0908, CVE-2022-0909
SHA-256 | 832a8a303027268e02c709a9a31b625b910e69b15d9a0920f4e3c0fc0b32c7e8
Red Hat Security Advisory 2022-8889-01
Posted Dec 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2020-35525, CVE-2020-35527, CVE-2020-36516, CVE-2020-36518, CVE-2020-36558, CVE-2021-30002, CVE-2021-3640, CVE-2022-0168, CVE-2022-0561, CVE-2022-0562, CVE-2022-0617, CVE-2022-0854, CVE-2022-0865
SHA-256 | e8c5fca15c718cc8dd491c4bcec10fa3e9d5113ff39850bf8adff3a3d0ba7b03
Red Hat Security Advisory 2022-8781-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8781-01 - Logging Subsystem for Red Hat OpenShift has a security update. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2020-35525, CVE-2020-35527, CVE-2020-36516, CVE-2020-36518, CVE-2020-36558, CVE-2021-30002, CVE-2021-3640, CVE-2022-0168, CVE-2022-0561, CVE-2022-0562, CVE-2022-0617, CVE-2022-0854, CVE-2022-0865
SHA-256 | 94fd80ae3f797e0ff34ab1f8558bfde9e35443a2edff79d1f8f459b42a4421a3
Red Hat Security Advisory 2022-8267-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8267-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-36516, CVE-2021-3640, CVE-2022-0168, CVE-2022-0617, CVE-2022-0854, CVE-2022-1016, CVE-2022-1048, CVE-2022-1184, CVE-2022-1280, CVE-2022-1353, CVE-2022-1679, CVE-2022-1852, CVE-2022-1998, CVE-2022-20368
SHA-256 | 61bdc9d3c34a59e606122d76bd54edf2c632981ed9b9216c4d074ec3e2c68e88
Red Hat Security Advisory 2022-7933-01
Posted Nov 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-36516, CVE-2021-3640, CVE-2022-0168, CVE-2022-0617, CVE-2022-0854, CVE-2022-1016, CVE-2022-1048, CVE-2022-1184, CVE-2022-1280, CVE-2022-1353, CVE-2022-1679, CVE-2022-1852, CVE-2022-1998, CVE-2022-20368
SHA-256 | c7306cb3e2d21e76d1cf923d8e8152b52d296914c9dd94bd60e420cd01196ce6
Red Hat Security Advisory 2022-7444-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7444-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-36516, CVE-2020-36558, CVE-2021-30002, CVE-2021-3640, CVE-2022-0168, CVE-2022-0617, CVE-2022-0854, CVE-2022-1016, CVE-2022-1048, CVE-2022-1055, CVE-2022-1184, CVE-2022-1852, CVE-2022-20368, CVE-2022-2078
SHA-256 | 39767b39b329544197135ea8814c0b5fda845e7986b427bd47b86765b12afd20
Red Hat Security Advisory 2022-7683-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7683-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-36516, CVE-2020-36558, CVE-2021-30002, CVE-2021-3640, CVE-2022-0168, CVE-2022-0617, CVE-2022-0854, CVE-2022-1016, CVE-2022-1048, CVE-2022-1055, CVE-2022-1184, CVE-2022-1852, CVE-2022-20368, CVE-2022-2078
SHA-256 | 70f6b3ef6f61904b7dd7be40ca921b499c89a91d16a34a7cc822f34e34e87d24
Ubuntu Security Notice USN-5385-1
Posted Apr 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5385-1 - Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-43975, CVE-2022-0617, CVE-2022-24448, CVE-2022-24959
SHA-256 | 078b4bddc3740f5822d9df11ccc4d99af4944adc91979ccb11b22595a7e4421f
Ubuntu Security Notice USN-5384-1
Posted Apr 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5384-1 - It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service. Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0617, CVE-2022-24448, CVE-2022-24959
SHA-256 | d25729c26aa6f3072b6df3d355310603cca00b0fefee36dc20228b42c073c6e7
Ubuntu Security Notice USN-5383-1
Posted Apr 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5383-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-43976, CVE-2021-44879, CVE-2022-0617, CVE-2022-1015, CVE-2022-1016, CVE-2022-24448, CVE-2022-24959, CVE-2022-26878
SHA-256 | eecfaed66553cc5d738b54db0a55d0888c30e53ef8fb77f43aa53fd8250d7fb9
Debian Security Advisory 5095-1
Posted Mar 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5095-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-36310, CVE-2022-0001, CVE-2022-0002, CVE-2022-0487, CVE-2022-0492, CVE-2022-0617, CVE-2022-25636
SHA-256 | 271e4b7d1b99d28febed5f00c4b01bf76715f4001e068e7da511f20bacd0d4ff
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close