565 matches found
Huawei EulerOS: Security Advisory for kexec-tools (EulerOS-SA-2022-2907)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in node-kexec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c935f2cf93a69d3611bc002c76fb751088ccfda5985581797976d42dc55ce94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4887 Malicious code in node-kexec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c935f2cf93a69d3611bc002c76fb751088ccfda5985581797976d42dc55ce94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EulerOS Virtualization 2.10.0 : kexec-tools (EulerOS-SA-2022-2907)
According to the versions of the kexec-tools package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read...
EulerOS Virtualization 2.10.1 : kexec-tools (EulerOS-SA-2022-2933)
According to the versions of the kexec-tools package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read...
PT-2022-7637 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the regulator component da9211 in the Linux kernel. If the system does not come from reset, like when it is kexec, the regulator might have an IRQ waiting...
kexec-tools bug fix and enhancement update
An update is available for kexec-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
kexec-tools bug fix and enhancement update
An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
Huawei EulerOS: Security Advisory for kexec-tools (EulerOS-SA-2022-2687)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kexec-tools (EulerOS-SA-2022-2655)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : kexec-tools (EulerOS-SA-2022-2655)
According to the versions of the kexec-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and...
EulerOS 2.0 SP10 : kexec-tools (EulerOS-SA-2022-2687)
According to the versions of the kexec-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and...
GSD-2022-1005689 RISC-V: kexec: Fixup use of smp_processor_id() in preemptible context
RISC-V: kexec: Fixup use of smpprocessorid in preemptible context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
PT-2022-34208 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to the RISC-V architecture in the Linux Kernel. It involves the crash kexec function, which has a fast call path that may pose a potential security risk. The actual...
PT-2022-34020 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.138 Description: The issue is related to the RISC-V architecture in the Linux Kernel. It involves the crash kexec function, which has a potential security impact that has not yet been fully proven. The...
GSD-2022-1005370 RISC-V: kexec: Fixup use of smp_processor_id() in preemptible context
RISC-V: kexec: Fixup use of smpprocessorid in preemptible context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)
The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...
Malicious Package
Overview node-kexec is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Important: kernel
Issue Overview: An out-of-bounds write flaw was found in the Linux kernels framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUTVSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system...
SUSE: Security Advisory (SUSE-SU-2022:2803-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...