USN-5981-1 linux-aws-hwe, linux-hwe, linux-oracle vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5975-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5975-1 advisory. Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM...

Amazon Linux 2 : kernel, --advisory ALAS2-2023-1987 (ALAS-2023-1987)

The version of kernel installed on the remote host is prior to 4.14.309-231.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1987 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms...

USN-5962-1 linux-intel-iotg vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

LSN-0092-1 Kernel Live Patch Security Notice

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code.CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5911-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5911-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

USN-5920-1 linux, linux-aws, linux-dell300x, linux-gcp-4.15, linux-oracle vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-5879-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5879-1 advisory. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause...

USN-5877-1 linux-gke-5.15 vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

USN-5876-1 linux-aws, linux-aws-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-intel-iotg vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

SA44193 - 2019-06: Out-of-Cycle Advisory: Multiple Linux Kernel and FreeBSD vulnerabilities

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 17 2019, Netflix announced a group of new security advisories related to Linux Kernel and FreeBSD. These issues may affect Pulse Secure products. For a list of supported softwa...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5813-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5813-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer...

PT-2023-34305 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.85 Description: The issue is related to a buffer overflow in the setup handler of the USB gadget UVC driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-2 advisory. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A loc...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-2 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...

K000130275: Linux kernel vulnerabilities CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722

Security Advisory Description Description CVE-2022-41674 An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211bssinfoupdate function in net/mac80211/scan.c. CVE-2022-42719 A use-after-free in the mac80211...

USN-5755-2 linux-gcp-5.15, linux-gke, linux-gke-5.15 vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5758-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5758-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5757-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5757-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...

USN-5757-2 linux-aws-hwe, linux-gcp, linux-hwe, linux-oracle vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...