Lucene search
K

10859 matches found

RedhatCVE
RedhatCVE
added 2021/11/29 3:21 p.m.27 views

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

4.9CVSS1.2AI score0.00393EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2021/11/19 5:24 p.m.62 views

CVE-2021-43976

A denial of service flaw was found in mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recvtype. Mitigation Mitigation for this issue is either not available or...

4.6CVSS6.3AI score0.00648EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/11/18 12:0 a.m.37 views

SUSE SLES12: kernel-livepatch-4_12_14-150_63-default / etc (SUSE-SU-2021:3684-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3684-1 advisory. This update for the Linux Kernel 4.12.14-12251 fixes several issues. The following security issues were fixed: - CVE-2021-0935: Fixed...

7.9CVSS6.8AI score0.01751EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2021/11/15 12:0 a.m.3 views

PT-2021-6401 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.26 and prior Description: The issue is related to errors in resource release in the MySQL Server component, specifically in the Optimizer subsystem. This can be exploited by a remote attacker to cause a denial of...

10CVSS7AI score0.87816EPSS
Exploits22References786
OpenVAS
OpenVAS
added 2021/11/12 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-5137-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.02014EPSS
Exploits6References2
Mageia
Mageia
added 2021/11/11 3:2 p.m.63 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be...

9.8CVSS7.6AI score0.57853EPSS
Exploits4References4
Mageia
Mageia
added 2021/11/11 3:2 p.m.61 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be able ...

9.8CVSS7.6AI score0.57853EPSS
Exploits4References4
OSV
OSV
added 2021/11/11 6:14 a.m.11 views

LSN-0082-1 Kernel Live Patch Security Notice

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel...

7.8CVSS7.1AI score0.01129EPSS
Exploits5References5
Ubuntu
Ubuntu
added 2021/11/11 5:32 a.m.141 views

USN-5139-1: Linux kernel (OEM 5.10) vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS7.3AI score0.00674EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.46 views

RHEL 8 : kernel-rt (RHSA-2021:4140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

8.8CVSS7.5AI score0.07604EPSS
Exploits12References94
Tenable Nessus
Tenable Nessus
added 2021/11/10 12:0 a.m.40 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:3640-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3640-1 advisory. The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

7.8CVSS7.1AI score0.01476EPSS
Exploits5References65
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.3 views

The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. This allows attackers to trigger a service failure.

The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.01651EPSS
Exploits0References8Affected Software5
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.10 views

kernel: double free in bluetooth subsystem when the HCI device initialization fails

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...

5.5CVSS6.7AI score0.00481EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.5 views

kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()

A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...

7.8CVSS7.5AI score0.00396EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.1 views

kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c

A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead...

7.1CVSS7.1AI score0.00536EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.1 views

kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free...

4.4CVSS7.2AI score0.00468EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.2 views

kernel: out-of-bounds reads in pinctrl subsystem.

A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed...

5.5CVSS6.9AI score0.00492EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.8 views

kernel: double free in bluetooth subsystem when the HCI device initialization fails

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...

5.5CVSS6.7AI score0.00481EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.3 views

kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c

A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead...

7.1CVSS7.1AI score0.00536EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.3 views

kernel: out-of-bounds reads in pinctrl subsystem.

A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed...

5.5CVSS6.9AI score0.00492EPSS
Exploits0References4
Rows per page
Query Builder