1723 matches found
UBUNTU-CVE-2021-46945
In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 "ext4: make ext4abort use ext4error", the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sd...
CVE-2021-46958 btrfs: fix race between transaction aborts and fsyncs leading to use-after-free
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between a task that aborts a transaction during a commit, a task that performs fsync, and a...
Denial Of Service
man2html is vulnerable to Denial Of Service. The vulnerability is due a specific string being read from a file which will overwrite the size parameter in the top chunk of the heap. This causes the program to segmentation abort which leads to Denial Of Service...
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...
CVE-2023-31455
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...
CVE-2023-31455
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...
Input validation
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...
CVE-2023-31455
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...
CVE-2023-31289
CVE-2023-31289 affects Pexip Infinity prior to version 31.2. The root cause is improper input validation for signalling, allowing remote attackers to trigger a service abort. Impact is a potential denial of service. Remediation per available sources is to upgrade to version 31.2 or later or apply...
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...
Pexip Infinity Security Vulnerability
Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 31.2, which stems from the application having incorrect...
Pexip Infinity Security Vulnerability
Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 31.2, which stems from incorrect validation of RTCP inputs,...
kernel: rxrpc: Make it so that a waiting process can be aborted
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg creates an rxrpc call, it queues it to wait for a connection and channel to be assigned and then waits before it can start shovelling data as the encrypted DATA...
Rocky Linux 8 : virt:rhel (RLSA-2020:0279)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:0279 advisory. - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via ...
RLSA-2023:4517 Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows...
CVE-2023-4882
DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...
kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE
A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...
kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE
A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...