18 matches found
MiracleLinux 8 : kernel-4.18.0-305.3.1.el8_4 (AXSA:2021-2223:13)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2223:13 advisory. kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run CVE-2021-3501 kernel:...
K56499646: Linux kernel vulnerability CVE-2021-3501
Security Advisory Description A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this...
CVE-2021-3501 affecting package kernel for versions less than 5.10.78.1-1
CVE-2021-3501 affecting package kernel for versions less than 5.10.78.1-1. A patched version of the package is available...
AlmaLinux 8 : kernel (ALSA-2021:2168)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2168 advisory. - A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be...
Rocky Linux 8 : kernel (RLSA-2021:2168)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2168 advisory. - A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be...
Ubuntu: Security Advisory (USN-4977-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.4.6]
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4983-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4983-1 advisory. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could...
RHEL 8 : kpatch-patch (RHSA-2021:2165)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:2165 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...
RHEL 8 : kernel (RHSA-2021:2168)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2168 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userspace applications can...
USN-4983-1 linux-oem-5.10 vulnerabilities
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33200 Piotr Krysiuk and Benedict Schlueter...
USN-4983-1: Linux kernel (OEM) vulnerabilities
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33200 Piotr Krysiuk and Benedict Schlueter...
USN-4977-1: Linux kernel vulnerabilities
Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service system crash. CVE-2020-25670 Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel did n...
Important: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RLSA-2021:2168 Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run CVE-2021-3501 kernel: nitroenclaves stale file descriptors on failed...
Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run CVE-2021-3501 kernel: nitroenclaves stale file descriptors on failed...
CVE-2021-3501
CVE-2021-3501 affects Linux kernels prior to 5.12. The vulnerability arises from the KVM API: the internal.ndata value is mapped to an array index and can be updated by a user process at any time, enabling an out-of-bounds write. Documented impact is data integrity and system availability. A patc...