Vuldb Updates

A vulnerability was found in Linux Kernel up to 5.16.18/5.17.1 and classified as problematic. This issue affects the function venus_helper_alloc_dpb_bufs. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2021-47655. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.45/5.17.13/5.18.2. Affected by this vulnerability is the function log_replay. The manipulation leads to memory leak. This vulnerability is known as CVE-2021-47660. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.17.3. Affected by this issue is the function poly1305_update_arch of the file arch/x86/crypto/poly1305_glue.c. The manipulation of the argument link_len leads to buffer overflow. This vulnerability is handled as CVE-2022-49058. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.31/5.16.17/5.17.0. It has been classified as critical. Affected is the function virtio_gpu_array_put_free. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2021-47657. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been declared as critical. Affected by this vulnerability is the function parse_path. The manipulation leads to memory leak. This vulnerability is known as CVE-2021-47654. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.17.3 and classified as critical. Affected by this vulnerability is the function kmalloc_array. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2022-49055. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.34/5.17.3 and classified as problematic. Affected by this issue is the function dev_set_name. The manipulation leads to unchecked return value. This vulnerability is handled as CVE-2022-49046. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.4.189/5.10.111/5.15.34/5.17.3 and classified as critical. This vulnerability affects the function smc_pnet_find_ib. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-49060. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.189/5.10.111/5.15.34/5.17.3 and classified as critical. This issue affects the function tse_pcs_fix_mac_speed. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2022-49061. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 5.17.3. Affected by this vulnerability is the function slab-out-of-bounds of the component cachefiles_set_volume_xattr. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2022-49062. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mercedes Benz Head-Unit NTG6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Profile Settings Handler. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2023-34401. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability classified as problematic was found in Mercedes Benz Head-Unit NTG6. This vulnerability affects unknown code of the component Connect Module CSB. The manipulation leads to race condition. This vulnerability was named CVE-2023-34403. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability classified as critical has been found in Imagination Technologies Graphics DDK up to 24.3 RTM. Affected is an unknown function. The manipulation leads to use of out-of-range pointer offset. This vulnerability is traded as CVE-2024-12577. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.33/5.16.19/5.17.2. It has been declared as critical. Affected by this vulnerability is the function change_page_attr. The manipulation leads to permission issues. This vulnerability is known as CVE-2021-47632. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1. It has been rated as problematic. Affected by this issue is the function PTE_RPN_SHIFT in the library lib/test_kasan.c. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2021-47640. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.17.1 and classified as problematic. Affected by this vulnerability is the function ubifs_free_inode. The manipulation leads to double free. This vulnerability is known as CVE-2021-47638. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.1. It has been rated as problematic. This issue affects the function ubifs_wbuf_write_nolock. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2021-47636. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.17.1. Affected is an unknown function. The manipulation leads to deadlock. This vulnerability is traded as CVE-2021-47637. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.3. It has been classified as critical. Affected is the function da850_evm_config_emac. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2021-47631. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1. It has been declared as critical. Affected by this vulnerability is the function zoran_reap_stat_com. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2021-47645. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.