CVE-2021-29155

CVE-2021-29155 is a Linux kernel issue affecting the eBPF verifier path (kernel/bpf/verifier.c) that allows speculative-out-of-bounds memory accesses to leak kernel memory via side-channels. The description from connected documents ties the vulnerability to Spectre mitigations and notes that a lo...

USN-4890-1: Linux kernel vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose...

The vulnerability in the implementation of the TLS protocol by the OpenSSL library, which allows a attacker to cause a service failure

The vulnerability of the TLS protocol implementation in the OpenSSL library is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause a service failure by using a specially crafted “ClientHello” message...

The vulnerability of the LDAP server of the Samba networking software package, related to pointer arithmetic errors, allows a hacker to trigger a service failure.

The vulnerability of the Samba networking software’s LDAP server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Fedora 33 : kernel (2021-e49da8a226)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-e49da8a226 advisory. - An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer...

CVE-2020-27171

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...

AZL-6525 CVE-2020-27170 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

CVE-2020-27171

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...

CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

[SECURITY] Fedora 34 Update: gnome-calculator-40~rc-1.fc34

gnome-calculator is a powerful graphical calculator with financial, logical and scientific modes. It uses a multiple precision package to do its arithmetic to give a high degree of accuracy...

CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

The vulnerability of Linux operating system kernels, related to pointer arithmetic errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Linux operating system kernels is related to pointer arithmetic errors. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Go programming language, related to incorrect calculations, allows attackers to disclose protected information and compromise the integrity of that information.

The vulnerability in the crypto/elliptic/p224.go programming language is related to incorrect calculations. Exploiting this vulnerability can allow a remote attacker to disclose protected information and compromise the integrity of that information...

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

Buffer overflow

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

CVE-2020-11296

CVE-2020-11296 concerns an arithmetic overflow in processing NOA IE across multiple Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, etc.). Root cause is improper error handling, leading to an overflow that can impact Snapdragon families including Mobile, IoT, Automotive lines and rela...

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

PT-2021-9304 · Qualcomm · Snapdragon Compute +9

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Consumer Electronics Connectivity affected versions not specified Snapdragon...