exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

bind:"BDU:2024-08374" OR bind:"CVE-2023-52510"

exploitDog

bind:"BDU:2024-08374" OR bind:"CVE-2023-52510"

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 12

Количество 12

BDU:2024-08374

больше 1 года назад

Уязвимость компонента ca8210 ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

CVSS3: 8.8

EPSS: Низкий

CVE-2023-52510

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

CVSS3: 7.8

EPSS: Низкий

CVE-2023-52510

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

CVSS3: 6

EPSS: Низкий

CVE-2023-52510

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

CVSS3: 7.8

EPSS: Низкий

CVE-2023-52510

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: i ...

CVSS3: 7.8

EPSS: Низкий

GHSA-2292-859m-6prp

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

CVSS3: 7.8

EPSS: Низкий

ROS-20241011-01

8 месяцев назад

Множественные уязвимости kernel-lt

CVSS3: 8.8

EPSS: Низкий

SUSE-SU-2024:1321-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1466-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1322-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1480-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1490-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	BDU:2024-08374 Уязвимость компонента ca8210 ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии	CVSS3: 8.8	0% Низкий	больше 1 года назад
	CVE-2023-52510 In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().	CVSS3: 7.8	0% Низкий	больше 1 года назад
	CVE-2023-52510 In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().	CVSS3: 6	0% Низкий	больше 1 года назад
	CVE-2023-52510 In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().	CVSS3: 7.8	0% Низкий	больше 1 года назад
	CVE-2023-52510 In the Linux kernel, the following vulnerability has been resolved: i ...	CVSS3: 7.8	0% Низкий	больше 1 года назад
	GHSA-2292-859m-6prp In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().	CVSS3: 7.8	0% Низкий	больше 1 года назад
	ROS-20241011-01 Множественные уязвимости kernel-lt	CVSS3: 8.8		8 месяцев назад
	SUSE-SU-2024:1321-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1466-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1322-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1480-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1490-1 Security update for the Linux Kernel			около 1 года назад

Уязвимостей на страницу