166 matches found
Important: postgresql
Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...
Rocky Linux 8 : postgresql:13 (RLSA-2021:5236)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5236 advisory. - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker ca...
CVE-2023-4693
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...
CVE-2023-21510
Out-of-bounds Read vulnerability while processing BCTUICMDUPDATESCREEN in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory...
SUSE CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
FreeBSD : LibreSSL -- Arbitrary memory read (1dd84344-a7da-11ed-86e9-d4c9ef517024)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1dd84344-a7da-11ed-86e9-d4c9ef517024 advisory. - The OpenBSD project reports: A malicious certificate revocation list or timestamp response token woul...
Lenovo Diagnostics Driver Memory Access Exploit
This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory reads and writes. This module requires Metasploit: https://metasploit.com/download...
VulnCheck KEV: CVE-2018-19323
The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges...
Arbitrary Memory read in BPF Linux Kernel
...
CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
DEBIAN-CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
AZL-34860 CVE-2022-2785 affecting package kernel for versions less than 6.6.35.1-4
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
UBUNTU-CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
CVE-2022-2785 Arbitrary Memory read in BPF Linux Kernel
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
CVE-2022-2785
CVE-2022-2785 affects the Linux kernel BPF subsystem. The vulnerability arises because constants used to fill pointers in structs passed to bpf_sys_bpf are not verified, allowing an attacker with CAP_BPF to read memory anywhere on the system. Affected systems can face arbitrary memory reads, with...
CVE-2022-2785
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...
SUSE-SU-2022:2836-1 Security update for ntfs-3g_ntfsprogs
This update for ntfs-3gntfsprogs fixes the following issues: Updated to version 2022.5.17 bsc1199978: - CVE-2022-30783: Fixed an issue where messages between NTFS-3G and the kernel could be intercepted when using libfuse-lite. - CVE-2022-30784: Fixed a memory exhaustion issue when opening a craft...
PT-2022-4895 · Linux · Linux Kernel Bpf
Name of the Vulnerable Software and Affected Versions: Linux Kernel BPF affected versions not specified Description: The issue is related to an arbitrary memory read within the Linux Kernel BPF. Constants provided to fill pointers in structs passed to bpf sys bpf are not verified and can point...