182 matches found
SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:2387-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2387-1 advisory. This update for the Linux Kernel 5.3.18-2437 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possible...
SUSE SLES12: kernel-livepatch-5_3_18-24_52-default / etc (SUSE-SU-2021:2366-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2366-1 advisory. This update for the Linux Kernel 4.12.14-12271 fixes one issue. The following security issue was fixed: - CVE-2021-23133: Fixed a race conditio...
SUSE SLES12: kernel-livepatch-4_12_14-197_83-default / etc (SUSE-SU-2021:2332-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2332-1 advisory. This update for the Linux Kernel 4.12.14-12263 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed ...
CVE-2021-0515
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0514
In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Out-of-bounds
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Race condition
In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-0515
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0514
CVE-2021-0514 affects the Android platform through a race condition in several functions of the V8 library, causing a use-after-free that can enable remote code execution in an unprivileged process. Exploitation is possible with network access (no user interaction required) and affects Android ve...
CVE-2021-0514
In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9349)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9349 advisory. - Bluetooth: verify AMP hcichan before ampdestroy Archie Pusaka Orabug: 32912101 CVE-2021-33034 - bluetooth: eliminate the potential race condition whe...
ASB-A-167389063
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5003-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5003-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free...
TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)
Bulletin ID: AMD-SB-1023 Potential Impact: Loss of Integrity, Confidentiality and Availability Summary A malicious hypervisor HV along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buff...
MalwareFox Anti-Malware 安全漏洞
MalwareFox Anti-Malware is an application from the American company MalwareFox. A malicious code detection software. A security vulnerability exists in MalwareFox AntiMalware 2.74.0.150, which allows the execution of ring 0 code to be exposed in the context of a driver, allowing an unprivileged...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.33 and fixes at least the following security issues: A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1810)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libjpeg-turbo (EulerOS-SA-2021-1810)
According to the version of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds check. This could lea...
CVE-2021-23133
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
CVE-2021-23133
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...