141 matches found
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1376)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: kernel
Issue Overview: A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. CVE-2021-20321 This vulnerability allows local attackers to escalate privileges...
The vulnerability of the ccp-ops crypto driver in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ccp-ops crypto driver in the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a hacker to cause service failures...
CVE-2021-3744
A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this issu...
PT-2021-8004 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the sun8i-ss crypto driver of the Linux kernel. This memory leak occurs on an error path and can be exploited by a remote attacker to cause a...
Cisco IOS XE Software IPsec VPN DoS (cisco-sa-iosxe-vpn-dos-edOmW28Z)
According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the hardware crypto driver due to insufficient verification of authenticity of received Encapsulating Security Payload ESP packets. An attacker could exploit this vulnerability by...
CVE-2020-3220
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220
The CVE-2020-3220 issue affects Cisco IOS XE Software on Cisco 4300 Series ISRs and Cisco Catalyst 9800-L Wireless Controllers, where the hardware crypto driver fails to properly verify ESP packet authenticity. This can allow an unauthenticated, remote attacker to perform a man-in-the-middle tamp...
Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
F5 Networks BIG-IP : BIG-IP crypto driver vulnerability (K63558580)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5 / 13.1.3.2 / 14.0.1.1 / 14.1.2.4 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K63558580 advisory. - On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, whe...
F5 Networks BIG-IP : BIG-IP crypto driver vulnerability (K43815022)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.1 / 14.1.2.4 / 15.1.0. It is, therefore, affected by a vulnerability as referenced in the K43815022 advisory. Under certain conditions, the Intel QuickAssist Technology QAT cryptography driver may produce a Traffic...
The vulnerability of the Sn5Crypto.sys driver of the Secret Net Studio security system, which allows a hacker to trigger a service failure.
The vulnerability of the Sn5Crypto.sys driver of the Secret Net Studio security system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
Remote code execution
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR1091408...
CVE-2016-10230
CVE-2016-10230 is a remote code execution vulnerability in the Qualcomm crypto engine driver affecting the Android kernel. The Android bulletin (April 2017) lists the issue under the Qualcomm components and ties the fix to the 2017-04-05 patch level. Affected Google devices include Nexus 5X, Nexu...
Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, Jetson TX2, and Tegra K1 L4T Security Updates for Multiple Vulnerabilities
Jetson and Tegra L4T contain vulnerabilities which may lead to denial of service, escalation of privileges, or information disclosure. Go to NVIDIA Product Security. Vulnerability Details The following sections summarize the potential vulnerabilities. Descriptions use CWE™ and risk assessments...
Google Android Qualcomm Crypto Driver Elevation of Privilege Vulnerability (CNVD-2017-31136)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Qualcomm encryption driver, which can be exploited by an attacker to elevate privileges...
The vulnerability of the hw/virtio/virtio-crypto.c component of the QEMU hardware emulation driver allows a attacker to trigger a service failure or execute arbitrary code.
The vulnerability of the hw/virtio/virtio-crypto.c component of the QEMU hardware emulation software is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker acting locally to cause a service failure abrupt process termination or execute arbitrary code using a...
Vulnerability of the Qualcomm Android operating system’s crypto driver, allowing a hacker to execute arbitrary code
The vulnerability of Qualcomm’s Android operating system’s crypto driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2016-10289
An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-10289
An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...