Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7233-2)

The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7233-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7173-3: Linux kernel (Raspberry Pi) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

The vulnerability of the scsi_host_busy() function in the drivers/scsi/scsi_error.c component of the Linux kernel allows a malicious actor to cause a service failure.

The vulnerability of the scsihostbusy function in the drivers/scsi/scsierror.c component of the Linux kernel relates to the recovery of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

K82131333: Linux kernel vulnerability CVE-2019-19066

Security Advisory Description A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering bfaportgetstats failures, aka CID-0e62395da2bd. CVE-2019-19066 Impact There i...

OracleVM 3.4 : kernel-uek (OVMSA-2022-0031)

The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c. CVE-2019-19377 - Ther...

The vulnerability of the scsi_ioctl function in the Linux operating system’s kernel allows a hacker to disclose protected information.

The vulnerability of the scsiioctl function drivers/scsi/scsiioctl.c in the Linux operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

AZL-9240 CVE-2022-0494 affecting package kernel for versions less than 5.15.37.1-2

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

SUSE: Security Advisory (SUSE-SU-2019:2951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-27364

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages...

CVE-2021-27364

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages...

kernel: Memory leak in drivers/scsi/libsas/sas_expander.c

A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...

NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021)

The remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the...

CVE-2018-10021

The code in the drivers/scsi/libsas/sasscsihost.c file in the Linux kernel allow a physically proximate attacker to cause a memory leak in the ATA command queue and, thus, denial of service by triggering certain failure conditions...

CVE-2019-19965

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sasdiscover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2953-1)

The SUSE Linux Enterprise 15-SP1 Azure Kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine...

CVE-2019-11810

A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraidsasbase.c, where a NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds. An attacker can crash the system if they were able to load the megaraidsas kernel module and...

RHEL 7 : kernel (RHSA-2019:2837)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2837 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: page cache side channel attack...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...