7.9CVSS
7.6AI Score
0.002EPSS
7.8CVSS
7.9AI Score
0.004EPSS
7.8CVSS
7.9AI Score
0.004EPSS
linux, linux-kvm, linux-lts-xenial vulnerabilities
Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...
7.8CVSS
9AI Score
0.004EPSS
Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...
7.8CVSS
9AI Score
0.004EPSS
Releases Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages linux - Linux kernel linux-kvm - Linux kernel for cloud environments linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation...
7.8CVSS
9AI Score
0.004EPSS
Linux kernel (AWS) vulnerabilities
Releases Ubuntu 14.04 ESM Packages linux-aws - Linux kernel for Amazon Web Services (AWS) systems Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to...
7.8CVSS
9AI Score
0.004EPSS
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....
7.9CVSS
8.5AI Score
0.002EPSS
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....
7.5CVSS
7.3AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....
7.5CVSS
7.3AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....
7.5CVSS
7.3AI Score
0.001EPSS
Linux kernel (GCP) vulnerabilities
Releases Ubuntu 16.04 ESM Packages linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of...
7.9CVSS
8.3AI Score
0.002EPSS
Exploit for Out-of-bounds Read in Google Android
Fluoride Bluetooth stack Building and running on AOSP...
7.5CVSS
7.7AI Score
0.001EPSS
Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...
7.8CVSS
8.7AI Score
0.004EPSS
7.8CVSS
7.9AI Score
0.004EPSS
Linux kernel (AWS) vulnerabilities
Releases Ubuntu 16.04 ESM Packages linux-aws - Linux kernel for Amazon Web Services (AWS) systems Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to...
7.8CVSS
9AI Score
0.004EPSS
linux-bluefield vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...
7.9CVSS
8AI Score
0.002EPSS
Linux kernel (BlueField) vulnerabilities
Releases Ubuntu 20.04 LTS Packages linux-bluefield - Linux kernel for NVIDIA BlueField platforms Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...
7.9CVSS
8.1AI Score
0.002EPSS
CVE-2022-33301 Incorrect type conversion or cast in Audio
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...
6.7CVSS
8AI Score
0.0004EPSS
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.1.2.1033-alt1
23.1.2.1033-alt1 built April 4, 2023 Yandex Browser Team in task #317282 March 20, 2023 Yandex Browser Team - browser updated to 23.1.2 + High CVE-2022-4436: Use after free in Blink Media. + High CVE-2022-4437: Use after free in Mojo IPC. + High CVE-2022-4438: Use after free in Blink...
9.6CVSS
8.5AI Score
0.035EPSS
A Royal Analysis of Royal Ransom
A Royal Analysis of Royal Ransom By Alexandre Mundo, and Max Kersten · April 3, 2023 We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group which used multiple strains of ransomware,....
7.4AI Score
7.9CVSS
7.6AI Score
0.002EPSS
A Royal Analysis of Royal Ransom
A Royal Analysis of Royal Ransom By Max Kersten · April 3, 2023 This blog was also written by Alexandre Mundo We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group which used...
7.2AI Score
linux-gcp-4.15 vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....
7.9CVSS
8.8AI Score
0.002EPSS
Linux kernel (GCP) vulnerabilities
Releases Ubuntu 18.04 ESM Packages linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of...
7.9CVSS
8.3AI Score
0.002EPSS
7.9CVSS
7.6AI Score
0.002EPSS
8.8CVSS
7.7AI Score
0.001EPSS
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did....
8.8CVSS
8.4AI Score
0.001EPSS
linux, linux-aws, linux-dell300x, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....
7.9CVSS
8.8AI Score
0.002EPSS
Releases Ubuntu 18.04 ESM Packages linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems linux-hwe-5.4 - Linux hardware enablement (HWE) kernel...
8.8CVSS
8.3AI Score
0.001EPSS
7.9CVSS
7.6AI Score
0.002EPSS
Releases Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-dell300x - Linux kernel for Dell 300x platforms linux-kvm - Linux kernel for cloud environments linux-oracle - Linux kernel for Oracle Cloud systems linux-raspi2 - Linux...
7.9CVSS
8.3AI Score
0.002EPSS
8.8CVSS
7.7AI Score
0.001EPSS
linux-aws-hwe, linux-hwe, linux-oracle vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....
7.9CVSS
9.2AI Score
0.002EPSS
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did....
8.8CVSS
8.4AI Score
0.001EPSS
Releases Ubuntu 20.04 LTS Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems linux-gke - Linux kernel for Google Container...
8.8CVSS
8.3AI Score
0.001EPSS
Releases Ubuntu 16.04 ESM Packages linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems linux-hwe - Linux hardware enablement (HWE) kernel linux-oracle - Linux kernel for Oracle Cloud systems Details It was discovered that the System V IPC implementation in the Linux kernel...
7.9CVSS
8.3AI Score
0.002EPSS
8.8CVSS
8.1AI Score
0.002EPSS
Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been removed from this USN and the correct information for it has been published in USN 6007-1. Original advisory...
8.8CVSS
9.7AI Score
0.002EPSS
Releases Ubuntu 16.04 ESM Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems Details Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been...
8.8CVSS
9.2AI Score
0.002EPSS
linux-ibm, linux-ibm-5.4 vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...
7.9CVSS
8.2AI Score
0.002EPSS
Linux kernel (IBM) vulnerabilities
Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux-ibm - Linux kernel for IBM cloud systems linux-ibm-5.4 - Linux kernel for IBM cloud systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN...
7.9CVSS
8.2AI Score
0.002EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
7.9AI Score
0.0004EPSS
linux-raspi-5.4 vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...
7.9CVSS
8.2AI Score
0.002EPSS
Linux kernel (Raspberry Pi) vulnerabilities
Releases Ubuntu 18.04 ESM Packages linux-raspi-5.4 - Linux kernel for Raspberry Pi systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free...
7.9CVSS
8.2AI Score
0.002EPSS
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...
7.9CVSS
8.2AI Score
0.002EPSS
Linux kernel (GCP) vulnerabilities
Releases Ubuntu 18.04 ESM Packages linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...
7.9CVSS
8.2AI Score
0.002EPSS
6.9AI Score
0.002EPSS