10863 matches found

IBM Security Bulletins
added 2021/03/08 10:24 a.m. · 218 views

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary: Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported vulnerability. Vulnerability Details: CVEID: CVE-2020-14351. DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a...

CVSS 7.8 · AI score 1.1 · EPSS 0.00302
Exploits 0 · Affected Software 1

OSV
added 2021/03/07 4:15 a.m. · 3 views

AZL-6532 CVE-2021-27363 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file...

CVSS 4.4 · AI score 6.7 · EPSS 0.00711
Exploits 1 · References 1

RedhatCVE
added 2021/03/05 7:4 p.m. · 44 views

CVE-2021-27365

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8 · AI score 8 · EPSS 0.02079
Exploits 1 · References 4

Positive Technologies
added 2021/03/04 12:0 a.m. · 13 views

PT-2021-2243 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.3. Description: The issue is related to a buffer overflow in the iSCSI subsystem of the Linux kernel, which can be exploited by sending specially crafted Netlink messages. This can allow an attacker to cause...

CVSS 9.8 · AI score 7.4 · EPSS 0.88106
Exploits 224 · References 1229

Positive Technologies
added 2021/03/04 12:0 a.m. · 5 views

PT-2021-2247

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.4; Linux kernel versions prior to 5.10.21; Linux kernel versions prior to 5.4.103; Linux kernel versions prior to 4.19.179; Linux kernel versions prior to 4.14.224; Linux kernel versions prior to 4.9.260; Linux...

CVSS 9.8 · AI score 7.6 · EPSS 0.78684
Exploits 55 · References 616

RedHat Linux
added 2021/03/03 11:46 a.m. · 1 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 · AI score 6.7 · EPSS 0.01129
Exploits 2 · References 4

RedHat Linux
added 2021/03/03 9:36 a.m. · 2 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 · AI score 6.7 · EPSS 0.01129
Exploits 2 · References 4

Positive Technologies
added 2021/03/03 12:0 a.m. · 5 views

PT-2021-2251 · Cisco · Cisco Network Services Orchestrator

Name of the Vulnerable Software and Affected Versions: Cisco Network Services Orchestrator (NSO), affected versions not specified. Description: A vulnerability in the API subsystem and web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker ...

CVSS 7.5 · AI score 6.2 · EPSS 0.01606
Exploits 0 · References 11

OSV
added 2021/02/25 7:5 a.m. · 17 views

USN-4749-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) It was discovered that the jfs file system implementation in the Linux kernel...

CVSS 8.8 · AI score 6.8 · EPSS 0.01129
Exploits 6 · References 10

Ubuntu
added 2021/02/25 6:54 a.m. · 215 views

USN-4752-1: Linux kernel (OEM) vulnerabilities

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...

CVSS 7.8 · AI score 8 · EPSS 0.03292
Exploits 13

OSV
added 2021/02/25 6:21 a.m. · 4 views

USN-4748-1 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that the memory management subsystem in the Linux kerne...

CVSS 7.8 · AI score 6.9 · EPSS 0.01129
Exploits 5 · References 6

Ubuntu
added 2021/02/25 6:21 a.m. · 191 views

USN-4748-1: Linux kernel vulnerabilities

It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that the memory management subsystem in the Linux kerne...

CVSS 7.8 · AI score 7.1 · EPSS 0.01129
Exploits 5

Positive Technologies
added 2021/02/21 12:0 a.m. · 5 views

PT-2021-1525 · Google +1 · Android Kernel +1

Name of the Vulnerable Software and Affected Versions: Android kernel. Description: The issue is related to a use after free in the io_uring subsystem of the Linux kernel, which could lead to local escalation of privilege with System execution privileges needed. User interaction is not required fo...

CVSS 6.8 · AI score 4.7 · EPSS 0.00563
Exploits 0 · References 17

BDU FSTEC
added 2021/02/19 12:0 a.m. · 4 views

The vulnerability of the media subsystem in Google Chrome web browser allows a hacker to execute arbitrary code.

The vulnerability of the media subsystem in Google Chrome browser is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 7.3 · AI score 8.3 · EPSS 0.01273
Exploits 1 · References 12 · Affected Software 6

Tenable Nessus
added 2021/02/19 12:0 a.m. · 58 views

Amazon Linux 2 : kernel (ALAS-2021-1600)

The version of kernel installed on the remote host is prior to 4.14.219-161.340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1600 advisory. 2024-05-23: CVE-2023-1390 was added to this advisory. A use-after-free flaw was found in kernel/trace/ring_buffer.c...

CVSS 8.1 · AI score 6.7 · EPSS 0.06563
Exploits 1 · References 16

RedHat Linux
added 2021/02/16 2:32 p.m. · 3 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 · AI score 6.7 · EPSS 0.01129
Exploits 2 · References 4

RedHat Linux
added 2021/02/16 2:28 p.m. · 5 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 · AI score 6.7 · EPSS 0.01129
Exploits 2 · References 4

Tenable Nessus
added 2021/02/16 12:0 a.m. · 55 views

Debian DLA-2557-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial o...

CVSS 8.8 · AI score 7.4 · EPSS 0.06563
Exploits 5 · References 14

Tenable Nessus
added 2021/02/12 12:0 a.m. · 49 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers with access to the nbd device via an I/O request at a certain point...

CVSS 9.8 · AI score 7.7 · EPSS 0.06563
Exploits 14 · References 112

OSV
added 2021/02/10 10:49 a.m. · 9 views

SUSE-SU-2021:0408-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94116 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver bsc1180562. - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could...

CVSS 8.8 · AI score 7.4 · EPSS 0.02209
Exploits 3 · References 12