10859 matches found
Linux kernel denial of service vulnerability (CNVD-2021-60521)
Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to a null pointer dereference flaw in the radiotap parser in the mac80211 subsystem. Through the mac80211 subsystem, a local attacker could exploit this vulnerability to...
Rockwellautomation Rslinx Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products that use EDS Subsystem: Version 28.0.1 and prior FactoryTalk Linx software Previously called RSLinx Enterprise: Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and...
CVE-2021-38206
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...
CVE-2021-38206
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...
UBUNTU-CVE-2021-38206
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...
CVE-2021-38206
The CVE-2021-38206 issue affects the Linux kernel mac80211 subsystem before 5.12.13: when a 5 GHz-only device is used, injecting a frame with 802.11a rates can trigger a NULL pointer dereference in the radiotap parser, causing a Denial of Service. The vulnerability is addressed in Linux kernel 5....
Linux kernel代码问题漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to a null pointer dereference flaw in the radiotap parser in the mac80211 subsystem. Through the mac80211 subsystem, a local attacker could exploit this vulnerability to...
The vulnerability of the sco_sock_sendmsg() function in the HCI subsystem of the Linux operating system allows a hacker to trigger an emergency shutdown of the system or increase their privileges.
The vulnerability of the scosocksendmsg function in the HCI subsystem of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause the system to terminate abnormally or increase their privileges...
CVE-2021-35477
A flaw in the Linux kernel allows a privileged BPF program to obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel in the eBPF subsystem Mitigation The default Red Hat Enterprise Linux kernel setting prevents unprivileged users from being able to use eBPF vi...
CVE-2021-3640
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2021:2426-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2426-1 advisory. The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
Apple macOS 权限许可和访问控制问题漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A privilege permission and access control issue vulnerability exists in macOS, which exists because an application does not properly impose security restrictions in the...
SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2021:2416-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2416-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs...
Apple iOS和Apple iPadOS 授权问题漏洞
Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS 14.7 and iPadOS 14.7 are vulnerable to an authorization issue in the OS Kernel subsystem logic. Apple iOS 14.7 and iPad...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:2408-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2408-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
[ASA-202107-48] linux: privilege escalation
Arch Linux Security Advisory ASA-202107-48 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2181 Summary ======= The...
USN-5018-1: Linux kernel vulnerabilities
It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 Piotr Krysiuk discovered that the eBPF...
[SECURITY] [DLA 2714-1] linux-4.19 security update
Debian LTS Advisory DLA-2714-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-3deb9u1 CVE ID : CVE-2020-36311 CVE-2021-3609 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Several...
CVE-2021-3640
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
Important: kernel
Issue Overview: A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing SSP, Secure Connections SC and LE Secure Connections LESC of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the...