341 matches found
CVE-2019-19377
A flaw was found in the Linux kernel's implementation of the BTRFS file system. A local attacker, with the ability to mount a file system, can create a use-after-free memory fault after the file system has been unmounted. This may lead to memory corruption or privilege escalation. Mitigation As t...
CVE-2010-4661
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules...
CVE-2019-15920
An issue was discovered in the Linux kernel's implementation of the CIFS protocol. The SMB2read function has a possible use-after-free when CIFS function tracing is enabled. While data is used after being freed, it is has not been determined how it could be used for privilege escalation. Mitigati...
PT-2019-4206 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.8 Description: The issue is related to four memory leaks in the acp hw init function in the Linux kernel, which can cause a denial of service due to memory consumption. This can be triggered by failures in m...
CVE-2019-1932
A vulnerability in Cisco Advanced Malware Protection AMP for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit thi...
USN-4044-1 znc vulnerability
Fix vulnerability where an authenticated non-admin users could load a module with a crafted name, then escalate privileges and run arbitrary code...
CVE-2019-12816
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...
UBUNTU-CVE-2019-12816
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...
OPENSUSE-SU-2019:1284-1 Security update for ceph
This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass in...
CVE-2011-1830
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekigatest.so...
CVE-2011-1830
Removed by vendor...
CVE-2011-1830
CVE-2011-1830 affects Ekiga versions before 3.3.0. The vulnerability arises when Ekiga attempts to load a module from /tmp/ekiga_test.so, enabling potential code execution via dlopen of an untrusted shared object. Multiple connected sources (SUSE, Red Hat, NVD, Ubuntu, Debian) confirm the vulnera...
Ubuntu: Security Advisory (USN-3935-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3935-1 busybox vulnerabilities
Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....
UBUNTU-CVE-2019-7653
The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts...
Privilege Escalation
autofs is vulnerable to privilege escalation. It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their...
USN-3835-1: Linux kernel vulnerabilities
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...
USN-3832-1: Linux kernel (AWS) vulnerabilities
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...
Ubuntu 18.10 : Linux kernel (AWS) vulnerabilities (USN-3832-1)
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...
DEBIAN-CVE-2018-18653
The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...