10852 matches found
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5390-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5390-1 advisory. David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could u...
SUSE-SU-2022:1335-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-197102 fixes several issues. The following security issues were fixed: - CVE-2022-1016: Fixed a vulnerability in the nftables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5383-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5383-1 advisory. David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could u...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1475)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5381-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5381-1 advisory. David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could u...
USN-5383-1 linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...
Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 2)
This post is the second of a multi-part blog series that explores and highlights the different risks that Windows Subsystem for Linux WSL poses to an enterprise IT environment. Here we examine different TTPs that abuse WSL and assess different methods to defend against such threats. ← Go to Part ...
USN-5381-1: Linux kernel (OEM) vulnerabilities
David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 It was discovered that the block layer subsystem in the...
USN-5381-1 linux-oem-5.14 vulnerabilities
David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 It was discovered that the block layer subsystem in the...
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1255-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1255-1 advisory. The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
SUSE SLES12: kernel-azure / kernel-azure-base / kernel-azure-devel / etc (SUSE-SU-2022:1266-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1266-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-28356: Fixed a refcount bug...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1489)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1429)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A double free bug in packetsetring in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or...
EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-1376)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.2.13. nbdgenlstatus in drivers/block/nbd.c does not check the...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1450)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not...
CVE-2022-24487
Windows Local Security Authority Subsystem Service LSASS Remote Code Execution Vulnerability...
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:1196-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1196-1 advisory. - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel CVE-2021-39713 - ...
Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-5377-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5377-1 advisory. It was discovered that the network traffic control implementation in the Linux kernel contained a use- after-free vulnerability. A local attacker could u...