15 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of boun...
K43346111: Linux kernel eBPF vulnerability CVE-2021-3490
Security Advisory Description The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via...
Ubuntu: Security Advisory (USN-4950-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Metasploit Wrap-Up
Capture Credentials with our new SMB Server Our own Adam Galway revamped the old SMB capture module and now supports NTLMv1 and NTLMv2, as well as SMB1, SMB2 and SMB3. This was possible thanks to @zeroSteiner's new RubySMB server implementation. Metasploit is now able to capture NTLM hashes from...
Linux eBPF ALU32 32-bit Invalid Bounds Tracking Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE', 'Description' = %q Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10....
CVE-2021-3490
creationtimestamp| type| source ---|---|--- 2021-07-30 07:13:19+00:00| published-proof-of-concept| https://t.me/linkersec/98 2021-07-30 19:51:20+00:00| seen| https://t.me/ctinow/37820 2021-08-31 23:56:20+00:00| seen|...
Exploit for Improper Input Validation in Linux Linux_Kernel
LinuxLPEeBPFCVE-2021-3490 LPE exploit for CVE-2021-3490. T...
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490
Technical details about CVE-2021-3490 are not publicly provided in the supplied documents. Monitor for updates.
Fedora: Security Advisory for kernel-headers (FEDORA-2021-286375de1e)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for kernel (FEDORA-2021-286375de1e)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for kernel-headers (FEDORA-2021-05152dbcf5)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for kernel (FEDORA-2021-05152dbcf5)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu 21.04 : Linux kernel vulnerabilities (USN-4950-1)
The remote Ubuntu 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4950-1 advisory. Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring...
Ubuntu: Security Advisory (USN-4948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...