7 matches found
Debian DLA-2610-1 : linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service, or information leaks. CVE-2020-27170, CVE-2020-27171 Piotr Krysiuk discovered flaws in the BPF subsystem's checks for information leaks throu...
Debian DLA-2586-1 : linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-19318, CVE-2019-19813, CVE-2019-19816 'Team bobfuzzer' reported bugs in Btrfs that could lead to a use-after-free or heap buffer overflow, and...
PT-2021-3110 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.39 through 5.10.16 Description: An issue was discovered in the Linux kernel, as used in Xen, where block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. This issue...
ALPINE-CVE-2017-10911
The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS or other guest OS kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structure...
DEBIAN-CVE-2017-10911
The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS or other guest OS kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structure...
blkif responses leak backend stack data
ISSUE DESCRIPTION The block interface response structure has some discontiguous fields. Certain backends populate the structure fields of an otherwise uninitialized instance of this structure on their stacks, leaking data through the internal or trailing padding field. IMPACT A malicious...
PT-2013-3558 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10.5 Description: The issue allows guest OS users to cause a denial of service, resulting in data loss, by performing filesystem write operations on a read-only disk that supports either the BLKIF OP DISCARD...