10859 matches found
CVE-2021-4032
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...
CVE-2021-43976
A denial of service flaw was found in mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recvtype. Mitigation Mitigation for this issue is either not available or...
SUSE SLES12: kernel-livepatch-4_12_14-150_63-default / etc (SUSE-SU-2021:3684-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3684-1 advisory. This update for the Linux Kernel 4.12.14-12251 fixes several issues. The following security issues were fixed: - CVE-2021-0935: Fixed...
PT-2021-6401 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.26 and prior Description: The issue is related to errors in resource release in the MySQL Server component, specifically in the Optimizer subsystem. This can be exploited by a remote attacker to cause a denial of...
Ubuntu: Security Advisory (USN-5137-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be able ...
LSN-0082-1 Kernel Live Patch Security Notice
Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel...
USN-5139-1: Linux kernel (OEM 5.10) vulnerabilities
Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...
RHEL 8 : kernel-rt (RHSA-2021:4140)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:3640-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3640-1 advisory. The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. This allows attackers to trigger a service failure.
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
kernel: double free in bluetooth subsystem when the HCI device initialization fails
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...
kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...
kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead...
kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free...
kernel: out-of-bounds reads in pinctrl subsystem.
A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed...
kernel: double free in bluetooth subsystem when the HCI device initialization fails
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...
kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead...
kernel: out-of-bounds reads in pinctrl subsystem.
A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed...