Design/Logic Flaw
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
CVE-2022-21499
CVE-2022-21499: KGDB/KDB can read/write kernel memory if lockdown is triggered; attacker with serial-port access could trigger debugger. Connected advisories reiterate the risk and note the need to ensure lockdown mode is respected, but do not specify a patched version or remediation beyond that. Th...
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5470-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5470-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker cou...
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5465-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5465-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5471-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5471-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged...
LSN-0086-1: Kernel Live Patch Security Notice
It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2021-39713 Yiqi Sun and Kevin Wang...
GtkRadiant 1.6.6 Buffer Overflow
===== Intro ===== GtkRadiant is a cross-platform level editor software for idtech game engines such as Quake. It comes with data authoring tools and a BSP map compiler called q3map2 which parses MAP files. The code has been around for a long time and uses unsafe string copy and format functions. ...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.43 and fixes at least the following security issues: A race condition in the perf subsystem allows for a local privilege escalation. NOTE: Mageia kernels by default have disabled the perf usage for unprivileged users, effectively rendering this...
Linux kernel buffer error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a buffer error vulnerability. An attacker exploits this vulnerability to bypass Linux kernel restrictions via a debugger in order to elevate his...
UBUNTU-CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9425)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9425 advisory. - io_uring: always use original task when preparing req identity Jens Axboe Orabug: 34186552 CVE-2022-1786 Tenable has extracted the preceding...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9426)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9426 advisory. - io_uring: always use original task when preparing req identity Jens Axboe Orabug: 34186552 CVE-2022-1786 Tenable has extracted the preceding...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9423)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9423 advisory. 4.14.35-2047.513.2.2 - debug: Lock down kgdb Stephen Brennan Orabug: 34152700 CVE-2022-21499 Tenable has extracted the preceding description block directly from...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9422)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9422 advisory. 4.1.12-124.62.3.1 - debug: Lock down kgdb Stephen Brennan Orabug: 34152701 CVE-2022-21499 Tenable has extracted the preceding description block directly fro...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9427)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-9427 advisory. 4.14.35-2047.513.2.2.el7 - debug: Lock down kgdb Stephen Brennan Orabug: 34152700 CVE-2022-21499 Tenable has extracted the preceding description block directly...
PT-2022-4133 · Linux +9 · Linux Kernel +9
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the insecure management of privileges when loading the KGDB and KDB debugging tools in Linux kernel's Lockdown Mode. This could allow an attacker to bypass...
Node.js: DNS rebinding in --inspect (again) via invalid IP addresses
A vulnerability was discovered in the Node.js debugger that allowed an attacker to gain access to the debugger and potentially execute remote code. This was possible due to a flaw in the IsAllowedHost check, which did not properly validate invalid IP addresses, allowing for DNS rebinding attacks...