![]() ![]() ![]() Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.Ī heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. This issue could allow a local user to crash the system or escalate their privileges on the system. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.Ī null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.Ī use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times. This flaw allows a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data to be printed (and potentially leaked) to the kernel ring buffer (dmesg).Ī use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. ![]() This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.Īn out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. An unprivileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.Ī null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |