A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unpr ...
A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. A heap buffer overflow flaw was found in the Linux kernel's Netfilter subsystem in the way a user provides incorrect ...
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux k ...
A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core
A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of the host by sending network packets to the backend, causing the backend to crash. A use-after-free flaw was found in net/sched/cls_fw.c in classifiers in the Linux Kernel. This flaw allows a local attacker to perform a local ...
A flaw in the Linux Kernel found in the GFS2 file system. On corrupted gfs2 file systems the evict code can try to reference the journal descriptor structure, jdesc, after it has been freed and set to NULL. It can lead to null pointer dereference when gfs2_trans_begin being called and then fail ingfs2_evict_inode. A buffer overrun vulnerability was found in the netback driver in Xen due to an unus ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter is always called on the old instance in the ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter is always called on the old instance in the ...
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: tun: avoid double free in tun_free_netdev * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action For more details about the security issue, includi ...