Lädt...


📚 USN-5877-1: Linux kernel (GKE) vulnerabilities


Nachrichtenbereich: 🐧 Unix Server
🔗 Quelle: ubuntu.com

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the USB core subsystem in the Linux kernel did not properly handle nested reset events. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (kernel deadlock). (CVE-2022-4662) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) ...

📰 USN-6465-3: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5938-1: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5875-1: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5860-1: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5756-2: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5654-1: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-3364-3: Linux kernel (AWS, GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-6864-3: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-6653-4: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-6548-4: Linux kernel (GKE) vulnerabilities


📈 38.87 Punkte
🐧 Unix Server

📰 USN-5877-1: Linux kernel (GKE) vulnerabilities


📈 26.44 Punkte
🐧 Unix Server

📰 USN-6898-3: Linux kernel kernel vulnerabilities


📈 21.64 Punkte
🐧 Unix Server

📰 USN-3371-1: Linux kernel (HWE) kernel vulnerabilities


📈 21.64 Punkte
🐧 Unix Server

🎥 Sleep API, GKE Autopilot, BigQuery BI Engine, and more!


📈 21.53 Punkte
🎥 Videos

🎥 Hybrid Connectivity Networking with Google Cloud GKE Enterprise


📈 21.53 Punkte
🎥 Video | Youtube

📰 Google introduces GKE Autopilot for hands-off Kubernetes


📈 21.53 Punkte
📰 IT Nachrichten

🎥 Essential Tactics to Protect Your Apps in Google Kubernetes Engine (GKE)


📈 21.53 Punkte
🎥 Video | Youtube

📰 GKE Auditor – Detect Google Kubernetes Engine Misconfigurations


📈 21.53 Punkte
📰 IT Security Nachrichten

🔧 Using Cloud Monitoring to Monitor IRIS-Based Applications Deployed in GKE


📈 21.53 Punkte
🔧 Programmierung

📰 Google Announces Confidential GKE Nodes, General Availability of Confidential VMs


📈 21.53 Punkte
📰 IT Security Nachrichten

🔧 Kong Hybrid Mode Deployment: GKE and On-Prem


📈 21.53 Punkte
🔧 Programmierung

📰 Google Adds GKE Open-Source Dependencies to Vulnerability Rewards Program


📈 21.53 Punkte
📰 IT Security Nachrichten

🔧 Kong Hybrid Mode Deployment: GKE and On-Prem


📈 21.53 Punkte
🔧 Programmierung

🎥 Game Developers Conference, Android Flash Tool, run Windows Server containers on GKE, & more!


📈 21.53 Punkte
🎥 Videos

🔧 Best of Google Cloud Next 24 - Gemini AI, Vertex AI, GKE, New Axion Chip and others


📈 21.53 Punkte
🔧 Programmierung

🎥 GKE, AWS, & S3 Buckets - Application Security Weekly #67


📈 21.53 Punkte
🎥 IT Security Video

🎥 What is GKE Enterprise?


📈 21.53 Punkte
🎥 Video | Youtube

🔧 Installing a Database Management Application on GKE with Percona Everest


📈 21.53 Punkte
🔧 Programmierung

🎥 GKE, AWS, & S3 Buckets – Application Security Weekly #67


📈 21.53 Punkte
🎥 IT Security Video

🎥 Demo: Building cloud-native, AI-powered applications with GKE


📈 21.53 Punkte
🎥 Videos

🎥 Serving With TF and GKE: Stable Diffusion


📈 21.53 Punkte
🎥 Künstliche Intelligenz Videos

🎥 Enhancing GKE efficiency with Filestore multishares


📈 21.53 Punkte
🎥 Video | Youtube

🔧 AKS vs EKS vs GKE


📈 21.53 Punkte
🔧 Programmierung

matomo