11 matches found
UBUNTU-CVE-2026-43915
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the web-admin HTTPS interface. An attacker who can create a TURN allocation with a crafted USERNAME value can inject HTML/JavaScript that execut...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001256)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001256 advisory. An issue was discovered in the nsgetpath function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003241)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003241 advisory. The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS...
PT-2025-44324
Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.11.0 Description Wazuh is a platform for threat prevention, detection, and response. A flaw exists in the fim fetch attributes state implementation where it does not verify if time string is NULL before applying strle...
Linux kernel buffer overflow vulnerability (CNVD-2019-29638)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the 'rdsrecvtracklatency' function in the net/rds/afrds.c file in versions of Linux kernel prior to 4.11. The vulnerability...
PT-2018-11456 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11 Description: An issue in Xen allows a malicious PV guest to crash the system, leading to a Denial of Service. The vulnerability can be triggered by a guest and is caused by an oversight in safety checks added to...
Linux kernel 'setup_ntlmv2_rsp()' function null pointer dereference vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability in the 'setupntlmv2rsp' function in the fs/cifs/cifsencrypt.c file in versions of Linux kernel prior to 4.11 stems from the program not proper...
Linux kernel denial of service vulnerability (CNVD-2018-06306)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the blkcginitqueue function in block/blk-cgroup.c in the Linux kernel pri...
PT-2019-1113 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11 Linux kernel versions 4.9.x before 4.9.187 Description: An issue was discovered in the Linux kernel that allows an attacker to control a pointer in kernel land and cause a general protection fault, or...
PT-2017-2770 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.1 Description: The issue is related to the sanity check raw super function in the Linux kernel, which does not properly validate the segment count. This allows local users to gain privileges via unspecified...
PT-2017-3574 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11 Description: The issue is related to the blkcg init queue function in the Linux kernel, specifically in the block/blk-cgroup.c file. It is caused by a double free error, which can be exploited by local user...