11 matches found
MiracleLinux 7 : kernel-3.10.0-1160.53.1.el7 (AXSA:2022-2973:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2973:02 advisory. kernel: perfeventparseaddrfilter memory CVE-2020-25704 kernel: fuse: fusedogetattr calls makebadinode in inappropriate situations CVE-2020-36322...
kernel: Heap buffer overflow in firedtv driver
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...
The vulnerability of the kernel of the FireDTV driver in the Linux operating system allows a hacker to trigger an emergency shutdown of the system and compromise the confidentiality and integrity of the protected information.
The vulnerability of the FireDTV driver’s kernel in the Linux operating system arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability can allow an attacker to cause the system to crash and affect the confidentiality and integrity of the protected information...
USN-5267-2: Linux kernel regression
USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...
USN-5268-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. CVE-2021-20322 It was discovered that the Bluetooth...
USN-5266-1 linux-gke, linux-gke-5.4 vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...
kernel: Heap buffer overflow in firedtv driver
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...
kernel: Heap buffer overflow in firedtv driver
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...
USN-5207-1 linux-oem-5.10 vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that the eBPF implementation in the Linux...
USN-5165-1 linux-oem-5.14 vulnerabilities
It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface NCI implementation. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3760 It was discovered...
CVE-2021-3542
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of this candidate. All references and descriptions in this candidate have been removed t...