Download
| Alert*
|
CVE-2022-2196
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.��L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB��after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code exe ... CVE-2023-1281 Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation.��The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext.��A local attacker user ... CVE-2023-0458 A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit��7397906057 ... CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. |
