USN-5635-1: Linux kernel (GKE) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

OESA-2022-1940 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper...

Ubuntu: Security Advisory (USN-5630-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5634-1: Linux kernel (OEM) vulnerability

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service system crash...

USN-5633-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

USN-5630-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

USN-5630-1 linux-raspi-5.4 vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-9827)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9827 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - netfilter:...

Ubuntu: Security Advisory (USN-5622-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5623-1 linux-hwe-5.15, linux-lowlatency-hwe-5.15 vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the framebuffer driver on the Linux...

USN-5624-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.3.6)

The version of AOS installed on the remote host is prior to 5.20.3.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.3.6 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat aka libexpat...

kernel: heap overflow in nft_set_elem_init()

A heap buffer overflow flaw was found in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFTDATAVERDICT type. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: heap overflow in nft_set_elem_init()

A heap buffer overflow flaw was found in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFTDATAVERDICT type. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue...

PT-2022-33981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.138 through 5.10.141 Description: A potential security issue exists in the Linux Kernel, related to the bpf and cgroup subsystems. The issue is associated with a kernel BUG in purge effective progs. The actual impac...

PT-2022-33969 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.142 Description: The issue concerns an array out of bounds access in the gpio-fan component of the Linux Kernel's hwmon subsystem. The actual impact and potential for attack have not been proven yet...

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.

...

PT-2022-33335 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the ASoC SOF Intel hda-ipc, where IPC replies are processed before firmware boot. The actual impact and attack plausibility have not yet been proven. Recommendations:...

PT-2022-33384 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.17 through v5.19.3 Description: The issue is related to the ASoC DPCM component. It was introduced in version v5.17 and fixed in version v5.19.4. The actual impact and attack plausibility have not yet been proven...