exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2022-40768

Status Candidate

Overview

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

Related Files

Ubuntu Security Notice USN-5758-1
Posted Dec 2, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5758-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3239, CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-3635, CVE-2022-3649, CVE-2022-40768, CVE-2022-42703, CVE-2022-43750
SHA-256 | 256eadaaba2ca6b555ffdca188a01a32a38b8869b53454c79b3151aafb702dc1
Ubuntu Security Notice USN-5728-3
Posted Nov 30, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188, CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719
SHA-256 | ebafaab2d5db4b2842460331e69fe77801e170fb619cc3bd4e090cd8f02623de
Ubuntu Security Notice USN-5729-2
Posted Nov 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5729-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2905, CVE-2022-2978, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39190, CVE-2022-40768
SHA-256 | 37ac683956be1298d59db7946f6bc8b7d7e2c0e7a850719e8ead2f51fc670c14
Ubuntu Security Notice USN-5728-2
Posted Nov 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188, CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719
SHA-256 | c3624c07f86cdfd2b3713a4f62018465ad2c42db0469b2ff000d4ff889d73b83
Ubuntu Security Notice USN-5727-2
Posted Nov 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5727-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-3028, CVE-2022-3635, CVE-2022-36879, CVE-2022-40768
SHA-256 | 198528c181d3d41c1c6d41390038b021e5a8bb3d1e1b1bda41b1f5b01c58e2b7
Ubuntu Security Notice USN-5729-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5729-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2905, CVE-2022-2978, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39190, CVE-2022-40768
SHA-256 | 2ed9de86da2c1e7cc0b4f8970c86b427aa7bf63dcea72f209cebdcce6cd60b19
Ubuntu Security Notice USN-5727-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5727-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-3028, CVE-2022-3635, CVE-2022-36879, CVE-2022-40768
SHA-256 | c5aeb552da277840f0734207a89d8b35a628cfa276057d8cc68659f6540b4287
Ubuntu Security Notice USN-5728-1
Posted Nov 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901, CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188, CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719
SHA-256 | d0a1c25c6eb1d9a7ff69a8217addefb3508ac783bad0f3c1762570c079322a29
Ubuntu Security Notice USN-5693-1
Posted Oct 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5693-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2022-2318, CVE-2022-2602, CVE-2022-2978, CVE-2022-3028, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722
SHA-256 | b188fde6f7ada8ed2d80d51cefde2cc926159548905b92f8f3334d7b98c585e1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close