| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances
As syzbot reported, there is an use-after-free issue during f2fs recovery:
Use-after-free write at 0xffff88823bc16040 (in kfence-#10):
kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486
f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869
f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945
mount_bdev+0x26c/0x3a0 fs/super.c:1367
legacy_get_tree+0xea/0x180 fs/fs_context.c:592
vfs_get_tree+0x86/0x270 fs/super.c:1497
do_new_mount fs/namespace.c:2905 [inline]
path_mount+0x196f/0x2be0 fs/namespace.c:3235
do_mount fs/namespace.c:3248 [inline]
__do_sys_mount fs/namespace.c:3456 [inline]
__se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3433
do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47
entry_SYSCALL_64_after_hwframe+0x44/0xae
The root cause is multi f2fs filesystem instances can race on accessing
global fsync_entry_slab pointer, result in use-after-free issue of slab
cache, fixes to init/destroy this slab cache only once during module
init/destroy procedure to avoid this issue. |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices
and intercept device management requests via loading components from the unencrypted stateful partition. |
| A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure
during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution. |
| Windows OLE Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Windows Bluetooth Driver Remote Code Execution Vulnerability |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| Microsoft PowerPoint Remote Code Execution Vulnerability |
| Azure IoT SDK Remote Code Execution Vulnerability |
| Azure IoT SDK Remote Code Execution Vulnerability |
