XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX Security Vulnerabilities

Ubuntu: Security Advisory (USN-6009-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6013-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6014-1)

The remote host is missing an update for...

linux, linux-kvm, linux-lts-xenial vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...

linux-aws vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...

Linux kernel vulnerabilities

Releases Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages linux - Linux kernel linux-kvm - Linux kernel for cloud environments linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation...

Linux kernel (AWS) vulnerabilities

Releases Ubuntu 14.04 ESM Packages linux-aws - Linux kernel for Amazon Web Services (AWS) systems Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to...

linux-gcp vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....

CVE-2022-43768

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....

CVE-2022-43716

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....

CVE-2022-43767

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE....

Linux kernel (GCP) vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of...

Exploit for Out-of-bounds Read in Google Android

Fluoride Bluetooth stack Building and running on AOSP...

linux-aws vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa...

Ubuntu: Security Advisory (USN-6001-1)

The remote host is missing an update for...

Linux kernel (AWS) vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-aws - Linux kernel for Amazon Web Services (AWS) systems Details Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to...

linux-bluefield vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (BlueField) vulnerabilities

Releases Ubuntu 20.04 LTS Packages linux-bluefield - Linux kernel for NVIDIA BlueField platforms Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...

CVE-2022-33301 Incorrect type conversion or cast in Audio

Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...

Security fix for the ALT Linux 10 package yandex-browser-stable version 23.1.2.1033-alt1

23.1.2.1033-alt1 built April 4, 2023 Yandex Browser Team in task #317282 March 20, 2023 Yandex Browser Team - browser updated to 23.1.2 + High CVE-2022-4436: Use after free in Blink Media. + High CVE-2022-4437: Use after free in Mojo IPC. + High CVE-2022-4438: Use after free in Blink...

A Royal Analysis of Royal Ransom

A Royal Analysis of Royal Ransom By Alexandre Mundo, and Max Kersten · April 3, 2023 We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group which used multiple strains of ransomware,....

Ubuntu: Security Advisory (USN-5991-1)

The remote host is missing an update for...

A Royal Analysis of Royal Ransom

A Royal Analysis of Royal Ransom By Max Kersten · April 3, 2023 This blog was also written by Alexandre Mundo We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group which used...

linux-gcp-4.15 vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....

Linux kernel (GCP) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of...

Ubuntu: Security Advisory (USN-5984-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-5985-1)

The remote host is missing an update for...

linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4, linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4 vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did....

linux, linux-aws, linux-dell300x, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....

Linux kernel vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems linux-hwe-5.4 - Linux hardware enablement (HWE) kernel...

Ubuntu: Security Advisory (USN-5981-1)

The remote host is missing an update for...

Linux kernel vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-dell300x - Linux kernel for Dell 300x platforms linux-kvm - Linux kernel for cloud environments linux-oracle - Linux kernel for Oracle Cloud systems linux-raspi2 - Linux...

Ubuntu: Security Advisory (USN-5980-1)

The remote host is missing an update for...

linux-aws-hwe, linux-hwe, linux-oracle vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI.....

linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-oracle, linux-raspi vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did....

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems linux-gke - Linux kernel for Google Container...

Linux kernel vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems linux-hwe - Linux hardware enablement (HWE) kernel linux-oracle - Linux kernel for Oracle Cloud systems Details It was discovered that the System V IPC implementation in the Linux kernel...

Ubuntu: Security Advisory (USN-5975-1)

The remote host is missing an update for...

linux-azure vulnerabilities

Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been removed from this USN and the correct information for it has been published in USN 6007-1. Original advisory...

Linux kernel vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems Details Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been...

linux-ibm, linux-ibm-5.4 vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (IBM) vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux-ibm - Linux kernel for IBM cloud systems linux-ibm-5.4 - Linux kernel for IBM cloud systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN...

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...

Authentication flaw

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...

linux-raspi-5.4 vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (Raspberry Pi) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-raspi-5.4 - Linux kernel for Raspberry Pi systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free...

linux-gcp-5.4 vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (GCP) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...

Debian: Security Advisory (DLA-325-1)

The remote host is missing an update for the...