10863 matches found
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
Summary: Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported vulnerability. Vulnerability Details: CVEID: CVE-2020-14351 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a...
AZL-6532 CVE-2021-27363 affecting package kernel for versions less than 5.10.78.1-1
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file...
CVE-2021-27365
A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
PT-2021-2243 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.3 Description: The issue is related to a buffer overflow in the iSCSI subsystem of the Linux kernel, which can be exploited by sending specially crafted Netlink messages. This can allow an attacker to cause...
PT-2021-2247
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.4; Linux kernel versions prior to 5.10.21; Linux kernel versions prior to 5.4.103; Linux kernel versions prior to 4.19.179; Linux kernel versions prior to 4.14.224; Linux kernel versions prior to 4.9.260; Linux...
kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free
A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
PT-2021-2251 · Cisco · Cisco Network Services Orchestrator
Name of the Vulnerable Software and Affected Versions: Cisco Network Services Orchestrator (NSO) (affected versions not specified) Description: A vulnerability in the API subsystem and web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker ...
USN-4749-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) It was discovered that the jfs file system implementation in the Linux kernel...
USN-4752-1: Linux kernel (OEM) vulnerabilities
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...
USN-4748-1 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that the memory management subsystem in the Linux kerne...
USN-4748-1: Linux kernel vulnerabilities
It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that the memory management subsystem in the Linux kerne...
PT-2021-1525 · Google +1 · Android Kernel +1
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a use after free in the io_uring subsystem of the Linux kernel, which could lead to local escalation of privilege with System execution privileges needed. User interaction is not required fo...
The vulnerability of the media subsystem in Google Chrome web browser allows a hacker to execute arbitrary code.
The vulnerability of the media subsystem in Google Chrome browser is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Amazon Linux 2 : kernel (ALAS-2021-1600)
The version of kernel installed on the remote host is prior to 4.14.219-161.340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1600 advisory. 2024-05-23: CVE-2023-1390 was added to this advisory. A use-after-free flaw was found in kernel/trace/ring_buffer.c...
Debian DLA-2557-1 : linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815: A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial o...
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers with access to the nbd device via an I/O request at a certain point...
SUSE-SU-2021:0408-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could...