Home Original page

Log - Arch Linux

AVG-2821 edited at 02 Mar 2023 14:01:48
Severity
- Unknown
+ High
CVE-2022-37434 edited at 02 Mar 2023 14:01:48
Severity
- Unknown
+ High
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader.
References
+ https://github.com/archlinux/svntogit-packages/commit/842507fff025b6e7f447082988051155d932cd49
Notes
CVE-2022-36879 created at 01 Mar 2023 21:49:30
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ double xfrm_pols_put() in xfrm_bundle_lookup()
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f85daf0e725358be78dfd208dea5fd665d8cb901
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=80c802f3073e84c956846e921e8a0b02dfa3755f
+ https://kernel.dance/#CVE-2022-36879
Notes
CVE-2023-23455 created at 01 Mar 2023 21:32:09
Severity
+ Unknown
Remote
+ Unknown
Type
+ Insufficient validation
Description
+ the return code of of tcf_classify is insufficiently validated before interpreting part of the result as a pointer in the network schedulers code
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b
+ https://kernel.dance/#CVE-2023-23455
+ https://www.openwall.com/lists/oss-security/2023/01/10/1
+ https://www.openwall.com/lists/oss-security/2023/01/10/4
Notes
CVE-2022-47942 created at 01 Mar 2023 20:59:30
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ heap-overflow in set_ntacl_dacl() when setting a malformed file attribute under the label `security.NTACL` using SMB2_SET_INFO_HE followed by SMB2_QUERY_INFO_HE
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f0541186e9ad1b62accc9519cc2b7a7240272a7
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
+ https://kernel.dance/#CVE-2022-47942
Notes
CVE-2022-3524 created at 01 Mar 2023 20:53:09
Severity
+ Unknown
Remote
+ Unknown
Type
+ Denial of service
Description
+ memory leak in ipv6_renew_options() when one thread is converting an IPv6 socket into IPv4 with IPV6_ADDRFORM while another thread calls do_ipv6_setsockopt() and allocates memory to inet6_sk(sk)->XXX after conversion because the converted sk with (tcp|udp)_prot never frees the IPv6 resources, which inet6_destroy_sock() should have cleaned up
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+ https://kernel.dance/#CVE-2022-3524
Notes
AVG-2840 created at 01 Mar 2023 20:15:34
Packages
+ nvidia-dkms
Issues
+ CVE-2022-34670
+ CVE-2022-34673
+ CVE-2022-34674
+ CVE-2022-34676
+ CVE-2022-34677
+ CVE-2022-34678
+ CVE-2022-34679
+ CVE-2022-34680
+ CVE-2022-34682
+ CVE-2022-34684
+ CVE-2022-42254
+ CVE-2022-42255
+ CVE-2022-42256
+ CVE-2022-42257
+ CVE-2022-42258
+ CVE-2022-42259
+ CVE-2022-42263
+ CVE-2022-42264
+ CVE-2022-42265
Status
+ Fixed
Severity
+ Unknown
Affected
+ 525.60.10-1
Fixed
+ 525.60.11-1
Ticket
Advisory qualified
+ No
References
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Notes
AVG-2839 created at 01 Mar 2023 20:15:27
Packages
+ nvidia-lts
Issues
+ CVE-2022-34670
+ CVE-2022-34673
+ CVE-2022-34674
+ CVE-2022-34676
+ CVE-2022-34677
+ CVE-2022-34678
+ CVE-2022-34679
+ CVE-2022-34680
+ CVE-2022-34682
+ CVE-2022-34684
+ CVE-2022-42254
+ CVE-2022-42255
+ CVE-2022-42256
+ CVE-2022-42257
+ CVE-2022-42258
+ CVE-2022-42259
+ CVE-2022-42263
+ CVE-2022-42264
+ CVE-2022-42265
Status
+ Fixed
Severity
+ Unknown
Affected
+ 525.60.10-1
Fixed
+ 525.60.11-1
Ticket
Advisory qualified
+ No
References
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Notes
AVG-2838 created at 01 Mar 2023 20:14:46
Packages
+ nvidia
Issues
+ CVE-2022-34670
+ CVE-2022-34673
+ CVE-2022-34674
+ CVE-2022-34676
+ CVE-2022-34677
+ CVE-2022-34678
+ CVE-2022-34679
+ CVE-2022-34680
+ CVE-2022-34682
+ CVE-2022-34684
+ CVE-2022-42254
+ CVE-2022-42255
+ CVE-2022-42256
+ CVE-2022-42257
+ CVE-2022-42258
+ CVE-2022-42259
+ CVE-2022-42263
+ CVE-2022-42264
+ CVE-2022-42265
Status
+ Fixed
Severity
+ Unknown
Affected
+ 525.60.10-1
Fixed
+ 525.60.11-1
Ticket
Advisory qualified
+ No
References
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Notes
CVE-2022-34676 created at 01 Mar 2023 20:14:46
AVG-2838 created at 01 Mar 2023 20:14:46
Packages
+ nvidia
Issues
+ CVE-2022-34670
+ CVE-2022-34673
+ CVE-2022-34674
+ CVE-2022-34676
+ CVE-2022-34677
+ CVE-2022-34678
+ CVE-2022-34679
+ CVE-2022-34680
+ CVE-2022-34682
+ CVE-2022-34684
+ CVE-2022-42254
+ CVE-2022-42255
+ CVE-2022-42256
+ CVE-2022-42257
+ CVE-2022-42258
+ CVE-2022-42259
+ CVE-2022-42263
+ CVE-2022-42264
+ CVE-2022-42265
Status
+ Fixed
Severity
+ Unknown
Affected
+ 525.60.10-1
Fixed
+ 525.60.11-1
Ticket
Advisory qualified
+ No
References
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Notes
CVE-2022-34673 created at 01 Mar 2023 20:14:46
AVG-2838 created at 01 Mar 2023 20:14:46
Packages
+ nvidia
Issues
+ CVE-2022-34670
+ CVE-2022-34673
+ CVE-2022-34674
+ CVE-2022-34676
+ CVE-2022-34677
+ CVE-2022-34678
+ CVE-2022-34679
+ CVE-2022-34680
+ CVE-2022-34682
+ CVE-2022-34684
+ CVE-2022-42254
+ CVE-2022-42255
+ CVE-2022-42256
+ CVE-2022-42257
+ CVE-2022-42258
+ CVE-2022-42259
+ CVE-2022-42263
+ CVE-2022-42264
+ CVE-2022-42265
Status
+ Fixed
Severity
+ Unknown
Affected
+ 525.60.10-1
Fixed
+ 525.60.11-1
Ticket
Advisory qualified
+ No
References
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Notes
CVE-2022-42264 created at 01 Mar 2023 20:14:46