Linux » Linux Kernel » N/A : Security Vulnerabilities, CVEs, Published In 2018 (Gain Privilege)
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-08-21
Updated
2023-02-12
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
Max CVSS
7.8
EPSS Score
0.06%
Published
2018-07-30
Updated
2023-02-14
2 vulnerabilities found