Lucene search
K

774 matches found

RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: dm stats: check for and propagate alloc_percpu failure

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate allocpercpu failure Check allocprecpu's return value and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereference will occu...

5.5CVSS6.3AI score0.00168EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.42 views

Rocky Linux 9 : device-mapper-multipath (RLSA-2022:8453)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8453 advisory. - A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjuncti...

7.8CVSS7.4AI score0.00658EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2023/10/10 4:31 p.m.5 views

kernel: LoadPin bypass via dm-verity table reload

A flaw was found in the Linux kernel. Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module and firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out...

6.9CVSS6.8AI score0.0035EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2023/09/26 6:39 p.m.88 views

USN-6397-1: Linux kernel (BlueField) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.9AI score0.05794EPSS
Exploits5
OSV
OSV
added 2023/09/26 6:39 p.m.11 views

USN-6397-1 linux-bluefield vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.3AI score0.05794EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.39 views

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6397-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6397-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions...

10CVSS8.1AI score0.05794EPSS
Exploits5References15
Ubuntu
Ubuntu
added 2023/09/19 5:44 p.m.75 views

USN-6385-1: Linux kernel (OEM) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 William Zhao discovered that the Traffic Control TC...

10CVSS7.6AI score0.16642EPSS
Exploits7
Redos
Redos
added 2023/09/18 12:0 a.m.39 views

ROS-20230915-10

A vulnerability in the Linux kernel memory management system is related to the lack of randomization of the exception handling stacks. of the exception handling stack. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. Vulnerability of...

7.9CVSS6.2AI score0.0788EPSS
Exploits14
OSV
OSV
added 2023/09/11 2:24 p.m.2 views

USN-6357-1 linux-ibm, linux-ibm-5.4 vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.3AI score0.05794EPSS
Exploits5References15
OSV
OSV
added 2023/09/08 9:36 p.m.3 views

USN-6340-2 linux-azure-5.4, linux-gcp-5.4, linux-gkeop, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.1AI score0.03546EPSS
Exploits2References10
Ubuntu
Ubuntu
added 2023/09/08 9:36 p.m.95 views

USN-6340-2: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.7AI score0.03546EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/09/08 8:18 p.m.67 views

USN-6342-2: Linux kernel (Azure)

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

7.8CVSS7.7AI score0.05794EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/06 4:59 p.m.71 views

USN-6349-1: Linux kernel (Azure) vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.7AI score0.03546EPSS
Exploits2
OSV
OSV
added 2023/09/06 4:59 p.m.13 views

USN-6349-1 linux-azure vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.1AI score0.03546EPSS
Exploits2References10
Ubuntu
Ubuntu
added 2023/09/06 3:43 p.m.71 views

USN-6347-1: Linux kernel (Azure CVM) vulnerabilities

William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...

10CVSS7.4AI score0.0406EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/09/06 12:31 a.m.77 views

USN-6342-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

7.8CVSS7.7AI score0.05794EPSS
Exploits1
OSV
OSV
added 2023/09/06 12:31 a.m.6 views

USN-6342-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

7.8CVSS7.2AI score0.05794EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/09/06 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-6340-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.03546EPSS
Exploits2References2
OSV
OSV
added 2023/09/05 11:35 p.m.6 views

USN-6340-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.1AI score0.03546EPSS
Exploits2References10
OSV
OSV
added 2023/08/31 9:51 p.m.6 views

USN-6327-1 linux-kvm vulnerabilities

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during tableclear operations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2023-2269 It was discovered that a use-after-free vulnerability existed ...

7.8CVSS6.9AI score0.00517EPSS
Exploits0References7
Rows per page
Query Builder