Lucene search
+L

170 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.34 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7154-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7154-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

8.8CVSS6.8AI score0.00879EPSS
Exploits12References398
Cvelist
Cvelist
added 2024/12/05 10:20 p.m.32 views

CVE-2018-9386

In rebootblockcommand of htc rebootblock driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

0.00085EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.11 views

PT-2024-10655 · Htc · Htc Reboot Block Driver

Name of the Vulnerable Software and Affected Versions: htc reboot block driver affected versions not specified Description: The issue is related to a possible stack buffer overflow in the reboot block command of the htc reboot block driver due to a missing bounds check. This could lead to local...

6.7CVSS7AI score0.00085EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.8 views

The vulnerability of the nbd_requeue_cmd() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nbdrequeuecmd function in the drivers/block/nbd.c module of the Linux kernel is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...

7CVSS6.9AI score0.00201EPSS
Exploits0References21Affected Software7
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.18 views

RHEL 6 : qemu-kvm-rhev (RHSA-2014:0434)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0434 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...

8.6CVSS7.8AI score0.01002EPSS
Exploits3References19
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.17 views

CentOS 7 : qemu-kvm-ma (RHSA-2020:1150)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1150 advisory. - An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming...

7.7CVSS7.9AI score0.04018EPSS
Exploits0References3
OSV
OSV
added 2024/07/19 11:8 a.m.12 views

OESA-2024-1863 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size ...

9.8CVSS6.6AI score0.00762EPSS
Exploits1References34
BDU FSTEC
BDU FSTEC
added 2024/05/27 12:0 a.m.6 views

The vulnerability of the blkpg_do_ioctl() function in the block/ioctl.c driver for block devices in the Linux operating system allows a attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the blkpgdoioctl function in the block/ioctl.c driver for block devices in the Linux operating system is related to the lack of correspondence between the sizes of partitions and the sizes of blocks. Exploiting this vulnerability could allow an attacker to compromise the...

5.5CVSS6.1AI score0.00231EPSS
Exploits0References33Affected Software4
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.6 views

kernel: null_blk: Always check queue mode setting from configfs

A missing validation flaw was found in the Linux kernel nullblk driver's configuration handling. A local user with access to configfs can configure a nullblk device with queuemode set to 1 legacy I/O path, which is no longer supported, causing the driver to proceed without proper validation and...

5.5CVSS7.2AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2024/05/21 4:15 p.m.1 views

DEBIAN-CVE-2023-52762

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtiomaxdmasize The following codes have an implicit conversion from sizet to u32: u32maxsize = sizetvirtiomaxdmasizevdev; This may lead overflow, Ex sizet4G - u320. Once virtiomaxdmasize has...

5.5CVSS5.7AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2024/03/18 10:19 a.m.5 views

CVE-2023-52618 block/rnbd-srv: Check for unlikely string overflow

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

5.3CVSS5.9AI score0.00738EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.29 views

NewStart CGSL MAIN 6.06 : qemu Multiple Vulnerabilities (NS-SA-2023-0132)

The remote NewStart CGSL host, running version MAIN 6.06, has qemu packages installed that are affected by multiple vulnerabilities: - In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 fixed, when executing script in...

7.7AI score0.05447EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.9 views

kernel: null_blk: Always check queue mode setting from configfs

A missing validation flaw was found in the Linux kernel nullblk driver's configuration handling. A local user with access to configfs can configure a nullblk device with queuemode set to 1 legacy I/O path, which is no longer supported, causing the driver to proceed without proper validation and...

5.5CVSS7.2AI score0.00135EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.4 views

SUSE CVE-2020-1711

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...

8.6CVSS7.6AI score0.04018EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2023/01/05 6:34 p.m.94 views

USN-5789-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...

7.8CVSS7.3AI score0.21314EPSS
Exploits3
OpenVAS
OpenVAS
added 2022/12/13 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-5773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.21314EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.37 views

NewStart CGSL MAIN 6.02 : qemu Multiple Vulnerabilities (NS-SA-2022-0087)

The remote NewStart CGSL host, running version MAIN 6.02, has qemu packages installed that are affected by multiple vulnerabilities: - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - An out-of-bounds read/write access flaw was found in the USB...

7.7CVSS7.5AI score0.05447EPSS
Exploits1References7
Ubuntu
Ubuntu
added 2022/10/27 7:9 p.m.59 views

USN-5706-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/21 2:24 p.m.58 views

USN-5695-1: Linux kernel (GCP) vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.02986EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/10/18 7:33 p.m.70 views

USN-5687-1: Linux kernel (Azure) vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.02986EPSS
Exploits1
Rows per page
Query Builder