Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver
in the Linux kernel did not properly handle some error conditions. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2021-43976)
Wenqing Liu discovered that the f2fs file system implementation in the
Linux kernel did not properly validate inode types while performing garbage
collection. An attacker could use this to construct a malicious f2fs image
that, when mounted and operated on, could cause a denial of service (system
crash). (CVE-2021-44879)
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
(CVE-2022-0435)
Lyu Tao discovered that the NFS implementation in the Linux kernel did not
properly handle requests to open a directory on a regular file. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2022-24448)
It was discovered that the YAM AX.25 device driver in the Linux kernel did
not properly deallocate memory in some error conditions. A local privileged
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2022-24959)
More Stories
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040)
What is the vulnerability? A zero-day security vulnerability has been uncovered in an enterprise file-transfer software CrushFTP. The vulnerability tagged...
gdcm-3.0.23-5.fc39
FEDORA-2024-11821b16ac Packages in this update: gdcm-3.0.23-5.fc39 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.12-7.el9
FEDORA-EPEL-2024-f5884f808a Packages in this update: gdcm-3.0.12-7.el9 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.21-4.fc38
FEDORA-2024-7a57842ec3 Packages in this update: gdcm-3.0.21-4.fc38 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.23-5.fc40
FEDORA-2024-fae33e6e9f Packages in this update: gdcm-3.0.23-5.fc40 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.23-5.fc41
FEDORA-2024-c5909efa5c Packages in this update: gdcm-3.0.23-5.fc41 Update description: Automatic update for gdcm-3.0.23-5.fc41. Changelog * Fri Apr 26 2024 Sandro <devel@penguinpee.nl>...