exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2023-52457

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback returned a non-zero value. This will be ignored. and then remove the device anyhow. So all resources that were not freed are leaked in this case. Skipping serial8250_unregister_port() has the potential to keep enough of the UART around to trigger a use-after-free. So replace the error return (and with it the little helpful error message) by a more useful error message and continue to cleanup.

Related Files

Ubuntu Security Notice USN-6819-4
Posted Jun 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6819-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52455, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469, CVE-2023-52472
SHA-256 | 55aee9f86f0d217c785cca08ee7c9f4bcee8a48724cb7c733501904578ab9082
Ubuntu Security Notice USN-6818-4
Posted Jun 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | 45d09107b41d33ef414306980ca5ee46652a668706bd63539fc356423258d542
Ubuntu Security Notice USN-6818-3
Posted Jun 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-3 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | dcff9f0b90830b9039bdc525bab3fafe6a039d75b4aa054c2fed494b9bcc3e2d
Ubuntu Security Notice USN-6819-3
Posted Jun 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6819-3 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52455, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469, CVE-2023-52472
SHA-256 | 0776ecd3ecb1bfa0399486a67208c24d784625998b8a8fcde961179d780df009
Ubuntu Security Notice USN-6819-2
Posted Jun 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6819-2 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52455, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469, CVE-2023-52472
SHA-256 | aa4906916aa0bf9376da682c5ed9fb70434203cee9f1f143722bf1febd67513c
Ubuntu Security Notice USN-6818-2
Posted Jun 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-2 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | 9ba8e27136f85eb9b04e59f45205671bb1e2028060ec6d3762843127fc48c57d
Ubuntu Security Notice USN-6819-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6819-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52455, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469, CVE-2023-52472
SHA-256 | 6b5f365e0a9b1cc8353c9a51d4e012a3c1a46a05a4cee68676de2559d30b4103
Ubuntu Security Notice USN-6818-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | 5778214f1c63875a06eab8b9dbcf68eb5655db57ccbc5ef60ce840cca70d6401
Ubuntu Security Notice USN-6765-1
Posted May 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6765-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2022-0001, CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52449, CVE-2023-52451, CVE-2023-52452, CVE-2023-52455, CVE-2023-52456, CVE-2023-52457, CVE-2023-52462, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469
SHA-256 | 42046ab3e597891b35376f855bb093f99f7b85199aebb9184d7401f3b4fa1f10
Ubuntu Security Notice USN-6688-1
Posted Mar 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6688-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-46838, CVE-2023-50431, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439, CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52454, CVE-2023-52457, CVE-2023-52462
SHA-256 | 14e46adfe602e3381472cca2694960e60b4f66b2adf1e14c5cefabbd3a423e8c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close