jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd42fc96e3
cvrf2cusa/cusa/k/kernel/kernel-5.10.0-60.100.0.124_openEuler-SA-2023-1381.json
Jia Chao fd42fc96e3 release v0.1.2 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-08-01 10:25:22 +08:00

14 lines
2.0 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"id": "openEuler-SA-2023-1381",
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1381",
"title": "An update for kernel is now available for openEuler-22.03-LTS",
"severity": "High",
"description": "The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nA memory corruption flaw was found in the Linux kernels human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.(CVE-2023-1073)\r\n\r\nA memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.(CVE-2023-1074)\r\n\r\nIn nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.(CVE-2023-1095)\r\n\r\nA use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.(CVE-2023-3141)\r\n\r\nAn out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.(CVE-2023-3268)\r\n\r\nAn issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.(CVE-2023-35829)",
"cves": [
{
"id": "CVE-2023-35829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35829",
"severity": "Medium"
}
]
}
Reference in New Issue View Git Blame Copy Permalink