10863 matches found
openSUSE Security Update : the Linux Kernel (openSUSE-2021-716)
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2021-29650: The netfilter subsystem allowed attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a...
CVE-2019-25044
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...
CVE-2019-25044
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...
UBUNTU-CVE-2019-25044
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1574-1)
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-29650: Fixed an issue with the netfilter subsystem that allowed attackers to cause a denial of service panic because net/netfilter/xtables.c and...
RHEL 7 : kpatch-patch (RHSA-2021:1532)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1532 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4945-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4945-1 advisory. It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attack...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4947-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4947-1 advisory. Kiyin discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use...
USN-4949-1: Linux kernel vulnerabilities
Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...
USN-4948-1: Linux kernel (OEM) vulnerabilities
Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...
USN-4947-1: Linux kernel (OEM) vulnerabilities
Kiyin 尹亮 discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-35519 It was discovered that the fastrpc driver i...
CVE-2021-3489
A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...
USN-4945-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...
CVE-2021-32560
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...
Improper access control
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...
PYSEC-2021-29
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...
PYSEC-2021-29
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...
kernel: heap buffer overflow in the iSCSI subsystem
A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
OctoPrint 访问控制错误漏洞
OctoPrint is an application. Provides a fast web interface for controlling consumer 3D printers. A security vulnerability previously existed in OctoPrint version 1.6.0. The vulnerability stemmed from the Logging subsystem in the program having incorrect access control...
CVE-2021-3491
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...