Red Hat Security Advisory 2024-0725-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.
cb1f979f02a027b72d48a5af112972191c6111af2e53d98447b255e55813dd05Red Hat Security Advisory 2024-0723-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.
63cdd7557b1dd7d58b09484123a8d4d884f013eaef148a252418667378704061Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
53c2946b5d19f257334d1182e7199b58771f576b4b09ca7d1fb73edd8b8401a3Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
94dbf49a52b22f22555588a1537c9f53427bb276aea89e1ea9e550c810bfd1d7Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
f29d43641cf6602854ca5f12c8ec924f3cc0c924589ae311e0273f588159f703Ubuntu Security Notice 6096-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
34cc30ebdf58924fb1b0c1d2ffdb4157e4f644bf5821397bbd37680bea54a1e2Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
a978cac588db84607cc6b04a9d12c7eba418d67966b505fd71ab931daba3fd00Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
651ba1a89cf9b5d5fcfc6ec7f0f13b73b41225a33fc642efba219a7eab3cd1baUbuntu Security Notice 6079-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
c55226f642efc261a275c77b949560f51ecbee738f4b1ae410a64e9ef5623271Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
040f1d117d95311a74a29ff7b24fcda0c036e35e0b140bebc5c6fe078bee84e0Ubuntu Security Notice 6040-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
26dff9542ab0bc55ce32713143c92728543d90f446c699eee6688caf98c1678eUbuntu Security Notice 6032-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service. Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
08e97ef4623b43e166aa41785d752beb4eb1a28c2bfbe6ca623eb62bb0b636f5Ubuntu Security Notice 6031-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Integrity Measurement Architecture implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions.
c49e938c59a6771a19744a8f7a0880c7e6c16e6feae1b07ba02a91e00363d912Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
2945178b2c10e70e350ccc077d02e94eafd3a32e099949a0c9a5c79bcc51602dUbuntu Security Notice 6029-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service.
f1b0f3adc16cd7f8b3fe2b2f0c71c8c141f48a93e4c9fdc3825271c325dd2624Ubuntu Security Notice 6027-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
39f49abc79546dbf0c1c8b9ee0c0ae03dfb6d15515f347f1ec3c32d1c433e8d1Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
8c6281ddbf56e092c3440753f9d56a5e0dadfd6af2c500c94bc852f14299edf8Ubuntu Security Notice 5978-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
71cd680be098e8fe6428fa0aea346ac7a027ec8f5c40c0e9df401cd20a6cbc28
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed