Aggregator

A vulnerability classified as problematic has been found in Linux Kernel up to 5.18.17/5.19.1. This affects the function elem_size of the component bpf. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2022-50167. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as critical. Affected by this issue is the function usbnet_deferred_kevent of the file aqc111.c of the component USB Ethernet Driver. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-50220. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Affected by this vulnerability is the function SG_FLAG_DIRECT_IO of the component iSCSI Driver. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2022-50215. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1. It has been classified as critical. Affected is the function coresight_release_platform_data in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-50214. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

2023 年 6 月旅游观光公司 OceanGate 的深海潜艇泰坦号在水下解体，五名乘客全部遇难。遇难者包括了公司创始人兼 CEO Stockton Rush。早期披露的信息显示灾难发生的一个重要原因是 CEO 的刚愎自用，无视安全问题。这场灾难本可以预防的。Netflix 上周上映的纪录片《Titan: The OceanGate Disaster》揭露了泰坦号潜艇事故的更多细节：泰坦号最早使用的碳纤维船壳在出现明显裂纹后替换为第二个碳纤维船壳；第二个船壳的三个缩小模型未通过测试，然而 OceanGate 决定不管继续建造；潜艇在潜水中多次传出巨大声响，CEO 不以为然的称之为“风干（seasoning）”；提出安全问题的员工或者解雇或者主动辞职；Rush 想让公司会计 Bonnie Carl 担任潜艇驾驶员，她是一位有经验的潜水员，她拒绝去驾驶潜艇而选择了辞职，她说疯了吗我是会计。

De Koninklijke Marine heeft er tijdelijk een patrouilleschip bij. DSS Galatea is vandaag in Den Helder officieel overgedragen van Damen Shipyards aan Defensie. Het civiele schip ligt niet lang aan de kade, want tijdens de NAVO-top in Den Haag wordt het direct ingezet.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1 and classified as problematic. This issue affects the function list_add in the library lib/list_debug.c of the component wifi. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2022-50164. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.19.1 and classified as critical. This vulnerability affects the function if_usb_probe of the component wifi. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50162. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.1. This affects the function of_find_matching_node_and_match of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2022-50161. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.19.1. Affected by this issue is the function of_find_matching_node of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-50160. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. Affected by this vulnerability is the function ima_get_kexec_buffer. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-50159. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function of_get_child_by_name of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2022-50158. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. It has been rated as critical. This issue affects the function mc_pcie_init_irq_domains of the component PCI. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2022-50157. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. It has been declared as critical. This vulnerability affects the function of_find_node_by_path of the component mtd. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50155. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.62/5.19.1. It has been classified as problematic. This affects the function cdns3_allocate_trb_pool of the component usb. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2022-50151. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1 and classified as problematic. Affected by this issue is the function get_nodes of the component mempolicy. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2022-50147. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.60/5.18.17/5.19.1 and classified as critical. Affected by this vulnerability is the function mtk_pcie_init_irq_domains of the component PCI. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2022-50154. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. Affected is the function device_prep_dma_memcpy of the file /sys/module/dmatest/parameters/threads_per_chan. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-50145. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.19.1. This issue affects the function cp2112_xfer of the file drivers/hid/hid-cp2112.c of the component HID. The manipulation of the argument read_length leads to buffer overflow. The identification of this vulnerability is CVE-2022-50156. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.19.1. This vulnerability affects the function of_find_compatible_node of the component usb. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50153. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.