

#Listhead linux kernel example driver#
This flaw allows a local user to crash or escalate their privileges on the system. A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The problem is that the following upstream commits, a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid") and 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. The original patches fixing CVE-2023-1076 are incorrect or incomplete. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources.

Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. A flaw was found in the Linux kernel's TUN/TAP functionality. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. This issue may allow a local attacker to crash the system due to a missing sanity check. A flaw was found in the exFAT driver of the Linux kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel.

This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information. A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information. A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count.

This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which results in a memory leak. A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel.
