1295 matches found
CVE-2021-47368 enetc: Fix illegal access when reading affinity_hint
In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_proc_show. Since the cpumask...
CVE-2021-47297 net: fix uninit-value in caif_seqpkt_sendmsg
In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we can't just judge...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1644)
The remote host is missing an update for the Huawei EulerOS...
kernel: Linux kernel: Information disclosure in VFIO Type1 module via uninitialized stack memory
A flaw was found in the Linux kernel's Virtual Function I/O (VFIO) Type1 module. This vulnerability allows a local user to expose uninitialized kernel stack memory to userspace, leading to information disclosure. The flaw occurs because a specific data structure, vfio_iommu_type1_info_cap_migration,...
Fedora 40 : bind / bind-dyndb-ldap (2023-687525fcca)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-687525fcca advisory. BIND 9.18.19 Security Fixes - Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run o...
EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2024-1423)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1395)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2024-1395)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion...
CVE-2024-0154
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory...
CVE-2024-0173
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory...
EulerOS 2.0 SP8 : bind (EulerOS-SA-2024-1256)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only...
PT-2024-2090 · Dell · Dell Poweredge Server Bios +1
Name of the Vulnerable Software and Affected Versions: Dell PowerEdge Server BIOS (affected versions not specified); Dell Precision Rack BIOS (affected versions not specified). Description: The issue is related to an improper parameter initialization, which could be exploited by a local low privileged...
CVE-2021-47097
An out-of-bounds (OOB) stack memory access flaw was found in elantech_change_report_id in drivers/input/mouse/elantech.c in the Linux kernel’s elantech module. This flaw allows a local attacker to crash the system or leak kernel internal information...
CentOS 9 : gcc-toolset-13-binutils-2.40-8.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the gcc-toolset-13-binutils-2.40-8.el9 build changelog. - GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned...
CVE-2023-52452
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...
CVE-2023-52452 bpf: Fix accesses to uninit stack slots
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...
CVE-2023-52452
CVE-2023-52452 affects the Linux kernel’s BPF verifier and stack handling. The issue allowed privileged programs to read uninitialized stack memory inconsistently, particularly for accesses near state->allocated_stack when growing the stack was required. The patch fixes these accesses in check...
EulerOS 2.0 SP5 : bind (EulerOS-SA-2024-1132)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only...