CVE-2020-24588

A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type. Mitigation...

CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

The vulnerability of the unix_stream_recvmsg function in Linux operating system kernels, which allows a hacker to cause a service failure

The vulnerability of the unixstreamrecvmsg function in Linux operating system kernels is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...

DEBIAN-CVE-2021-3444

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure kernel...

UBUNTU-CVE-2020-24490

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ...

The vulnerability of the enable_sacf_uaccess function in Linux operating system kernels, which allows a hacker to trigger a service failure

The vulnerability of the enablesacfuaccess function in Linux operating system kernels is related to errors during multi-threaded tasks race conditions. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the sg_write function in Linux operating system kernels, allowing a hacker to execute arbitrary code

The vulnerability of the sgwrite function in Linux operating system kernels is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

[SECURITY] [DSA 4539-2] openssh regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4539-2] openssh regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq -...

The vulnerability of the kvm_ioctl_create_device function in Linux operating system kernels allows a hacker to trigger a service failure.

The vulnerability of the kvmioctlcreatedevice function in Linux operating systems arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...

Ubuntu: Security Advisory (USN-3931-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-9111

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdeevtlogfilterwrite in drivers/gpu/drm/msm/sdedbg.c. This is exploitable for a device crash via a syscall by...

CVE-2018-20788

drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted...

CVE-2018-20787

Affected software: ft5x46 touchscreen driver used in custom Linux kernels on the Xiaomi perseus-p-oss MIX 3. The issue is an integer overflow in tpdbg_write within drivers/input/touchscreen/ft5x46/ft5x46_ts.c caused by missing checks on the size argument, leading to an OOPS. Impact is a potential...

CVE-2019-9112

The CVE-2019-9112 vulnerability affects the MSM GPU driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device (through 2018-11-26). It is caused by an integer overflow due to missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write within drivers/gpu/drm/msm/sde/sde_c...

CVE-2019-9111

CVE-2019-9111 affects the msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3. The vulnerability is an integer overflow in sde_evtlog_filter_write (drivers/gpu/drm/msm/sde_dbg.c) caused by missing checks of the count argument, leading to an OOPS and potential device crash vi...

CVE-2018-20788

drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted...

Privilege Escalation

modwsgi is vulnerable to privilege escalation attacks. The vulnerability exists as the modwsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via...

PT-2018-3842 · Oracle +2 · Oracle Linux Kernels +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Oracle Linux kernels affected versions not specified Description: The issue is related to incorrect clearance or release of resources in the Linux operating system kernel. It may allow a remote...

CVE-2018-19939

The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtpreadColor in drivers/input/touchscreen/gt917d/gt9xx.c...