218 matches found
Stack overflow
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data...
CVE-2020-10773
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data...
CVE-2020-10773
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data...
CVE-2020-10773
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data...
CVE-2020-10773
CVE-2020-10773 is a local-information-disclosure flaw in the Linux kernel for s390/s390x memory-management. The issue stems from incorrect writes to the /proc/sys/vm/cmm_timeout file, enabling a local attacker to read kernel data. The provided documents confirm the vulnerability and its affected ...
CVE-2020-10773
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data. Mitigation Mitigation for this issue is either not available or the...
Reliability improvements for VMs that are running on a Windows Server 2012 R2 or Windows Server 2012 host
Reliability improvements for VMs that are running on a Windows Server 2012 R2 or Windows Server 2012 host This article describes an update that improves the reliability for virtual machines VMs in Windows Server 2012 R2 or Windows Server 2012 host. The update fixes the following issues. Before yo...
CVE-2019-20172
Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...
CVE-2019-20172
Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...
SerenityOS Elevation of Privilege Vulnerability
SerenityOS is a graphical Unix-like operating system for x86 computers. A security vulnerability exists in the Kernel/VM/MemoryManager.cpp file in versions of SerenityOS prior to 2019-12-30. A local attacker can exploit this vulnerability to gain privileges by overwriting the return address...
F5 Networks BIG-IP : OpenSSH vulnerability (K62201745)
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allowlocal users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the...
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation Windows: LUAFV Delayed Virtualization Cache Manager Poisoning EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteri...
[SECURITY] [DLA 1731-1] linux security update
Package : linux Version : 3.16.64-1 CVE ID : CVE-2016-10741 CVE-2017-5753 CVE-2017-13305 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2018-12896 CVE-2018-13053 CVE-2018-16862 CVE-2018-16884 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3583-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3583-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System f2fs in the Linux kernel. An attacker could constru...
USN-3583-1 linux vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System f2fs in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0750 It...
USN-3583-1: Linux kernel vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System f2fs in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0750 It...
Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this iss...
USN-3538-1: OpenSSH vulnerabilities
Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10009 Jann Horn discovered that OpenSSH...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3444-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3444-1 advisory. Jan H. Schnherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could u...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3444-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3444-2 advisory. USN-3444-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...