rpm package
almalinux/libperf
pkg:rpm/almalinux/libperf
Vulnerabilities (771)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-0565 | Med | 6.8 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Jan 15, 2024 | An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service. | |
| CVE-2023-6915 | Med | 6.2 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Jan 15, 2024 | A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. | |
| CVE-2023-6040 | Hig | 7.8 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Jan 12, 2024 | An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_ | |
| CVE-2023-51780 | Hig | 7.0 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Jan 11, 2024 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | |
| CVE-2023-6546 | Hig | 7.0 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Dec 21, 2023 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci | |
| CVE-2023-6932 | Hig | 7.8 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Dec 19, 2023 | A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme | |
| CVE-2023-6931 | Hig | 7.8 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Dec 19, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme | |
| CVE-2023-6622 | Med | 5.5 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Dec 8, 2023 | A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. | |
| CVE-2023-24023 | Med | 6.8 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Nov 28, 2023 | Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF | |
| CVE-2023-6176 | Med | 4.7 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Nov 16, 2023 | A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal | |
| CVE-2023-6121 | Med | 4.3 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Nov 16, 2023 | An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the ke | |
| CVE-2023-39198 | Hig | 7.5 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Nov 9, 2023 | A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the ret | |
| CVE-2023-46862 | Med | 4.7 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 29, 2023 | An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. | |
| CVE-2023-45863 | Med | 6.4 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 14, 2023 | An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. | |
| CVE-2023-39194 | Low | 3.2 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 9, 2023 | A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re | |
| CVE-2023-39193 | Med | 6.1 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | |
| CVE-2023-39189 | Med | 5.1 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform | |
| CVE-2023-42754 | Med | 5.5 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Oct 5, 2023 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C | |
| CVE-2023-42756 | Med | 4.4 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Sep 28, 2023 | A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. | |
| CVE-2023-25775 | Med | 5.6 | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Aug 11, 2023 | Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. |
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the ke
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the ret
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
- affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Page 38 of 39