10854 matches found
CVE-2021-39685
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-44733
A use-after-free flaw in the Linux kernel TEE Trusted Execution Environment subsystem was found in the way user calls ioctl TEEIOCOPENSESSION or TEEIOCINVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with t...
PT-2021-6253 · Microsoft · Windows +2
Name of the Vulnerable Software and Affected Versions: Microsoft Local Security Authority LSA Server affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Microsoft Local Security Authority Subsystem Service LSASS of the Microsoft...
The vulnerability of the Dallas Lock Linux event registration subsystem, related to memory release errors, allows a intruder to trigger a service failure on the workstation.
The vulnerability of the Dallas Lock Linux event registration subsystem is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a system failure by injecting a specially created executable script into the operating system...
Medium: kernel
Issue Overview: A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory...
CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
Buffer overflow
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
UBUNTU-CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
CVE-2018-25020
Summary of CVE-2018-25020 (Linux kernel BPF): The vulnerability is in the BPF subsystem where a long jump over an instruction sequence can cause an overflow. It specifically affects the kernel's BPF implementations in files kernel/bpf/core.c and net/core/filter.c, for Linux kernels prior to 4.17....
CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
USN-5165-1: Linux kernel (OEM) vulnerabilities
It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface NCI implementation. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3760 It was discovered...
USN-5162-1: Linux kernel vulnerabilities
Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...
CVE-2021-4032
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...
CVE-2021-43976
A denial of service flaw was found in mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recvtype. Mitigation Mitigation for this issue is either not available or...
SUSE SLES12: kernel-livepatch-4_12_14-150_63-default / etc (SUSE-SU-2021:3684-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3684-1 advisory. This update for the Linux Kernel 4.12.14-12251 fixes several issues. The following security issues were fixed: - CVE-2021-0935: Fixed...
PT-2021-6401 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.26 and prior Description: The issue is related to errors in resource release in the MySQL Server component, specifically in the Optimizer subsystem. This can be exploited by a remote attacker to cause a denial of...
Ubuntu: Security Advisory (USN-5137-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...