what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

CVE-2023-0266

Status Candidate

Overview

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e

Related Files

Red Hat Security Advisory 2023-2083-01
Posted May 3, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-25881, CVE-2022-3841, CVE-2022-40897, CVE-2022-4269, CVE-2022-4304, CVE-2022-4378, CVE-2022-4415, CVE-2022-4450, CVE-2022-45061, CVE-2022-48303, CVE-2023-0215, CVE-2023-0266
SHA-256 | 73a3a6d4835d6deabe73aac1424fead885072ae86393a0569e27f07803acfe01
Red Hat Security Advisory 2023-1953-01
Posted Apr 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0361, CVE-2023-0386, CVE-2023-27539, CVE-2023-28120
SHA-256 | 1ff111b4a85069401a7dff1ebf454e3f070b0c09625b392292621a537d201e03
Ubuntu Security Notice USN-6030-1
Posted Apr 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-3903, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-23455, CVE-2023-23559
SHA-256 | 2945178b2c10e70e350ccc077d02e94eafd3a32e099949a0c9a5c79bcc51602d
Red Hat Security Advisory 2023-1677-01
Posted Apr 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1677-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-23521, CVE-2022-41903, CVE-2023-0266, CVE-2023-0386, CVE-2023-0767
SHA-256 | d50fcde157b0d81293003398a54404e2ecee374586626ce00fc2dbcc0d6bdaa5
Red Hat Security Advisory 2023-1656-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20329, CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-42889, CVE-2023-0266, CVE-2023-0286, CVE-2023-0461, CVE-2023-24422, CVE-2023-27898, CVE-2023-27899, CVE-2023-27903, CVE-2023-27904
SHA-256 | 240de720e001bf838375281c8974f3f4db8855a03923fc43cfd177237fada857
Ubuntu Security Notice USN-6009-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6009-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | fae0436a7a71ef1f1c9e2b9c7be382f428603ebb16892ffc834fe96514e4351e
Ubuntu Security Notice USN-6004-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6004-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-4382, CVE-2022-48423, CVE-2022-48424, CVE-2023-0045, CVE-2023-0210, CVE-2023-0266, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26606
SHA-256 | cabcdc25961ee369304092af7380ed42dd5a5ca767df881b09baa5dd34bba804
Ubuntu Security Notice USN-6000-1
Posted Apr 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6000-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3424, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-4139, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394
SHA-256 | e9c783fd857dd877172d6b22feaf0fdab4162c87abb98b854318a9659634936d
Red Hat Security Advisory 2023-1666-01
Posted Apr 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1666-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2023-0266
SHA-256 | a10983af5c966d83e58f80ddf02f130625ff4676bb255290a87e3caa3d20ddfe
Red Hat Security Advisory 2023-1660-01
Posted Apr 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1660-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266, CVE-2023-0386
SHA-256 | 0008187676020d7b4f5c691ffa9ebcbd517148f4234832a10da585e28d1bcbed
Red Hat Security Advisory 2023-1662-01
Posted Apr 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1662-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266, CVE-2023-0461
SHA-256 | 2f4d7fce954eb393102497b880f381d56cb9fc5544edaf0460ce5a4996415692
Red Hat Security Advisory 2023-1659-01
Posted Apr 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1659-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4378, CVE-2023-0266, CVE-2023-0386, CVE-2023-1476
SHA-256 | c5c6f461f203851521b544484a8be410baea0da90ffc920177ecf0c96db4329e
Red Hat Security Advisory 2023-1590-01
Posted Apr 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1590-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266
SHA-256 | e78f91f99ca06eae356d59e391c9467856d81ac180bb6cf83454a4c2f377479f
Red Hat Security Advisory 2023-1566-01
Posted Apr 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1566-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0386
SHA-256 | 39aea6c477ec6bfecb8b831b361a2d70ddc67cacde4c39fa97b5bac77f700cc6
Red Hat Security Advisory 2023-1559-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1559-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2023-0266
SHA-256 | 6b55e47f99d2bda9d361b9c07646b4dd90f6deb58bb015758d334d0a9f4ca536
Red Hat Security Advisory 2023-1588-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1588-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266
SHA-256 | 9ad9880222cbb0d3614a1eca5b90e283e952f1122c15fd9c81e31d68d6e9f9c6
Red Hat Security Advisory 2023-1556-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1556-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266, CVE-2023-0461
SHA-256 | bfdff9e921737c3dd873317807bcf5104bb62ce1b6fcc534f02343e27668631c
Red Hat Security Advisory 2023-1557-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1557-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266, CVE-2023-0461
SHA-256 | 6a4113fba4bc49138ad69c8192e8cc5b2add535f8dd0a041d74328163652f353
Red Hat Security Advisory 2023-1584-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1584-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-4269, CVE-2022-4378, CVE-2023-0266, CVE-2023-0386
SHA-256 | 1dae79d00c1eb310c6a5308f585ee188f1aa0b3d59a9e7b1718f771f653bca6f
Red Hat Security Advisory 2023-1554-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1554-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-0266, CVE-2023-0386
SHA-256 | 7ad37e08e8ab09d46be7e330075101c6e6dad611e42874f7a1ca463819b82343
Red Hat Security Advisory 2023-1560-01
Posted Apr 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1560-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2023-0266
SHA-256 | 7120de30f1b43f357f51c875e2988328592a4b5740d7bb966facaf49732697b9
Ubuntu Security Notice USN-5991-1
Posted Mar 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5991-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | 3560637df360f1ac89db43e6f7478418a3608bd908f00448013d1616b6595f39
Ubuntu Security Notice USN-5987-1
Posted Mar 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5987-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-2196, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-4382, CVE-2022-48423, CVE-2022-48424, CVE-2023-0045, CVE-2023-0210, CVE-2023-0266, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26606
SHA-256 | 3ea2c4f328cd7b670a3685872b3e880855897778278430f766f4304cd2a0e323
Ubuntu Security Notice USN-5984-1
Posted Mar 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5984-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | cc09bbfa401358a3d10b618f0ae43fa874e7af0b4bacd5e682834b33f84c12f0
Ubuntu Security Notice USN-5981-1
Posted Mar 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5981-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0394, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328
SHA-256 | 0669c7b87d128f5181ab34a94abb84a54b38967e928f68a15464d110d5ac2ee6
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close