USN-5791-3 linux-azure-5.4, linux-azure-fde vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2023-1223)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-2 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...

USN-5792-2 linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

USN-5792-2: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

CVE-2023-0036

platformcallbackstub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege...

CVE-2023-0035

softbusclientstub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege...

CVE-2023-0035

softbusclientstub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege...

Authentication flaw

platformcallbackstub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege...

Authentication flaw

softbusclientstub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege...

Stack overflow

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernelliteosa has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked...

CVE-2023-0036

CVE-2023-0036 affects OpenHarmony v3.0.5 and earlier. The vulnerability is in the platform_callback_stub of the misc subsystem, causing an authentication bypass that enables a local attacker to bypass authentication and target other SAs with high privileges. No exploitation details are provided i...

CVE-2023-0035

OpenHarmony you’re looking at: affected product OpenHarmony v3.0.5 and earlier, with the issue in the softbus_client_stub of the communication subsystem. The root cause is an authentication bypass that enables an “SA relay attack,” allowing a local attacker to bypass authentication and target oth...

CVE-2022-43662 Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime.

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernelliteosa has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked...

PT-2023-15962 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.0.5 Description: The issue allows local attackers to bypass authentication and attack other SAs with high privilege through an "SA relay attack". This is due to an authentication bypass vulnerability in the...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12008)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12008 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-12006)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12006 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882780 CVE-2022-4378 - proc: avoid integer type confusion in...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12009)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12009 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-12007)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12007 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882780 CVE-2022-4378 - proc: avoid integer type confusion in...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-1 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...