what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

CVE-2022-0494

Status Candidate

Overview

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

Related Files

Ubuntu Security Notice USN-6014-1
Posted Apr 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-28713, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617
SHA-256 | b35ca435930e16fd5c80695ace0a0339c873cee40fdedf7c96c3a446b1a7ff00
Ubuntu Security Notice USN-6013-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617, CVE-2022-1016
SHA-256 | a9c225928b1c28bf90c101180a361e5db4576ba6b23acb6d2f68a5da43566ceb
Ubuntu Security Notice USN-6001-1
Posted Apr 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6001-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2020-36516, CVE-2021-26401, CVE-2021-28713, CVE-2021-3428, CVE-2021-3659, CVE-2021-3669, CVE-2021-3732, CVE-2021-3772, CVE-2021-4149, CVE-2021-4203, CVE-2021-45868, CVE-2022-0487, CVE-2022-0494, CVE-2022-0617
SHA-256 | 41aeeefd2d4b93824f7651b99bd053dcc55a7bddef73bc96c89bc61e6121be0c
Red Hat Security Advisory 2022-7434-01
Posted Nov 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-2588, CVE-2022-29900
SHA-256 | 8955b3daac257bb1e631eab88f1476668bf890ade5b3c2f9df79ac69caf7f1a7
Red Hat Security Advisory 2022-6882-01
Posted Nov 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-2588, CVE-2022-29900
SHA-256 | 7e65b18002978caefe3c4db2dc816316d156cfdc8df48304228fbb8fa76dbb4f
Red Hat Security Advisory 2022-7313-01
Posted Nov 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2020-35525, CVE-2020-35527, CVE-2022-0391, CVE-2022-0494, CVE-2022-1353, CVE-2022-2238, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-25858, CVE-2022-2588, CVE-2022-25887, CVE-2022-25896
SHA-256 | f088aaac528bedbfa16105a558b51c712895ea3407b41e433e40d884e498110f
Red Hat Security Advisory 2022-7201-01
Posted Nov 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-2588, CVE-2022-26945, CVE-2022-29900, CVE-2022-29901, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323
SHA-256 | 6d28e160aebd967897f3d87e1e5bfd567b29c6dba8e6d1fe4a5120cd1a1c659b
Red Hat Security Advisory 2022-7276-01
Posted Nov 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-2238, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-25858, CVE-2022-2588, CVE-2022-29900, CVE-2022-29901, CVE-2022-31129, CVE-2022-34903
SHA-256 | 7ac9e1c7f562a5f00c685c3f4a883358404bdb691f54031e1c202dfc1880d591
Red Hat Security Advisory 2022-7134-01
Posted Oct 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7134-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, information leakage, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353, CVE-2022-23816, CVE-2022-23825, CVE-2022-2588, CVE-2022-29900, CVE-2022-29901
SHA-256 | 6a450fa6510675d96313a97083abb8cf1284fa5ccbb8758fe7a577703508c005
Red Hat Security Advisory 2022-7110-01
Posted Oct 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353, CVE-2022-23816, CVE-2022-23825, CVE-2022-2588, CVE-2022-29900, CVE-2022-29901
SHA-256 | 7e26c2475110ff7340d7988275fa609b265fd44e6f52933eac803e2512ab54ab
Red Hat Security Advisory 2022-6890-01
Posted Oct 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6890-01 - Red Hat OpenShift Virtualization release 4.8.7 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-23852, CVE-2022-2526, CVE-2022-29154
SHA-256 | 865dc2437127f82ee61a3bbf22c54a44ff05b2aef2f0dc94202891053162f66d
Red Hat Security Advisory 2022-6681-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6681-01 - Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-2526, CVE-2022-29154
SHA-256 | 35fe0c51a1e2d8d57b8f5b189f065486839edc6ee7397371f98e2e4d322f3113
Red Hat Security Advisory 2022-6308-01
Posted Sep 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.49. There are no RPMs for this release. Space precludes documenting all of the container images in this advisory. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-26945, CVE-2022-29154, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323, CVE-2022-30631
SHA-256 | f4ec47e45b2995e738ba4d5c413b3b051001f01fbe44c23ae6384ac45cd9c4fd
Red Hat Security Advisory 2022-6322-01
Posted Sep 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6322-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.59. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | b37c61fa9b0a01715103937414cdcd1f8bbc6653e67753636e2aab8aac2a3188
Red Hat Security Advisory 2022-6317-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6317-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.48. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | 3f15efc05225b6294bf65a1ea6b228f58c09a6d5457425ee2388893c1ab723c3
Red Hat Security Advisory 2022-6318-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6318-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.48. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | 4511e638f28be3573a983b40c9c0db3cb4646873e67037396373a221a14ada01
Red Hat Security Advisory 2022-6258-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6258-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.31. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-26945, CVE-2022-29154, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323
SHA-256 | 9c03774205c2409f2fc031eeb76457ce7e96dea9a3a0cdf65ae28bf54eaa5970
Red Hat Security Advisory 2022-6248-01
Posted Aug 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6248-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353
SHA-256 | 4ac654fdf70d8f95756f3ba1831afcbde6d7cd88ba4585d3ccbc5a1f26d0d5ab
Red Hat Security Advisory 2022-6243-01
Posted Aug 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6243-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353
SHA-256 | cb70b3258fb9d069f824d3ce0e82b6f98ac24afbee38e5acad4f326d990c751f
Ubuntu Security Notice USN-5582-1
Posted Aug 25, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5582-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-28893, CVE-2022-34918
SHA-256 | 1ca1a64db88998d43f9355e5e4a3252647c28ac5ad353d3053a573a3434cc068
Ubuntu Security Notice USN-5562-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-28893, CVE-2022-34918
SHA-256 | c885f38b774059929fa7229f706f1468b065d9a0e066149d46b5f404b4fda36c
Ubuntu Security Notice USN-5560-2
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5560-2 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1195, CVE-2022-1652, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-33981, CVE-2022-34918
SHA-256 | 9074f1f7178d2158077da7331b9b96dca3ab1875c317daaedb241651b9c2b8e3
Ubuntu Security Notice USN-5560-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1195, CVE-2022-1652, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-33981, CVE-2022-34918
SHA-256 | a156f85855d3dfab07d60c5d05ef3c9ea3d5a70c935227a3feb4443ce0a5e57a
Red Hat Security Advisory 2022-6002-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6002-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1055
SHA-256 | fde52d1c66e01b7e7e92b68a8ef536752b374e28a0c3342638f3e0fff371ad3f
Red Hat Security Advisory 2022-6003-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6003-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1055
SHA-256 | dff9ad76df6152cb8e72c0a3fa7adb30e40d50656ad8cb436db12d718b7dfd68
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close