182 matches found
Race condition
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
CVE-2021-23133
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
CVE-2021-23133 Linux Kernel sctp_destroy_sock race condition
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
CVE-2021-23133
CVE-2021-23133 is a race condition in the Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8. If sctp_destroy_sock executes without sock_net(sk)->sctp.addr_wq_lock, an element is removed from the auto_asconf_splist list without proper locking, enabling a local attacker with networ...
CVE-2021-23133
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
FreeBSD : FreeBSD -- double free in accept_filter(9) socket configuration interface (f8e1e2a6-9791-11eb-b87a-901b0ef719ab)
An unprivileged process can configure an accept filter on a listening socket. This is done using the setsockopt2 system call. The process supplies the name of the accept filter which is to be attached to the socket, as well as a string containing filter-specific information. If the filter...
Code injection
In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process t...
CVE-2021-0396
In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...
CVE-2021-0396
In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...
Out-of-bounds
In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...
EulerOS Virtualization 3.0.2.6 : libjpeg-turbo (EulerOS-SA-2021-1438)
According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds chec...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1489)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1405)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ASB-A-160610106
In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...
CVE-2020-26603
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...
CVE-2020-26603
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...
CVE-2020-26602
An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...
Code injection
An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...
CVE-2020-26602
An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...
CVE-2020-26604
An issue was discovered in SystemUI on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 October 2020...