ALBA-2022:1548 device-mapper-multipath bug fix and enhancement update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Bug Fixes and Enhancements: multipathd.socket is missing start conditions BZ2054877...

device-mapper-multipath bug fix and enhancement update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Bug Fixes and Enhancements: multipathd.socket is missing start conditions BZ2054877...

Ubuntu: Security Advisory (USN-5377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-0615

CVE-2022-0615 affects the eset_rtp kernel module used in ESET’s Linux products. The vulnerability is described as a use-after-free in the kernel module, enabling a potential attacker to trigger a denial-of-service condition on the system. The available documents confirm the affected component (es...

ESET Endpoint Antivirus 资源管理错误漏洞

Eset Endpoint Antivirus is an on-premise and cloud-based anti-malware and security suite for small, medium and large organizations from Eset Slovakia. For anti-malware, remote management, endpoint security, file security, firewall, virtualization security, email security, network control and bot...

CVE-2022-0615

Use-after-free in esetrtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system...

(Pwn2Own) TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko kernel module. The issue results from the lack of proper...

CVE-2022-21816

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager nvidia.ko, where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service...

cryptsetup security update

An update for cryptsetup is now available for Rocky Linux 8. Rocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2022-0322

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS. Mitigation...

[SECURITY] Fedora 35 Update: cryptsetup-2.4.3-1.fc35

The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module...

PT-2025-37618

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak within the orangefs sysfs init function when the orangefs module is inserted and removed. This results in unreferenced kobjects leaking memory. Th...

CVE-2021-45608

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface TCP port 20005 cannot be ruled out; however, exploitability was judged to be of "rather significant...

CVE-2021-45608

CVE-2021-45608 is a buffer/integer overflow in KCodes NetUSB kernel module (SoftwareBus_dispatchNormalEPMsgOut) affecting D-Link, Edimax, NETGEAR, TP-Link, Tenda and Western Digital devices. Affected NETGEAR models include D7800 (before 1.0.1.68), R6400v2 (before 1.0.4.122), and R6700v3 (before 1...

CVE-2021-44733

A use-after-free flaw in the Linux kernel TEE Trusted Execution Environment subsystem was found in the way user calls ioctl TEEIOCOPENSESSION or TEEIOCINVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with t...

Huawei HarmonyOS Stack Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack buffer overflow vulnerability exists in the Kernel module of Huawei HarmonyOS. An attacker can exploit the vulnerability to cause an out-of-bounds re...

Huawei HarmonyOS Stack Buffer Overflow Vulnerability (CNVD-2021-99966)

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based distributed operating system. A stack buffer overflow vulnerability exists in the Kernel module of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attack...

Huawei HarmonyOS stack buffer overflow vulnerability (CNVD-2021-99968)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack buffer overflow vulnerability exists in the Kernel module of Huawei HarmonyOS. An attacker can exploit this vulnerability to cause the device to beco...

Huawei HarmonyOS Stack Buffer Overflow Vulnerability (CNVD-2021-99967)

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based distributed operating system. A stack buffer overflow vulnerability exists in the Kernel module of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attack...

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs. Vulnerability Details CVEID: CVE-2021-3772 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by improper validation of integrity check value by the Linux SCTP stack...