MiracleLinux 7 : kernel-3.10.0-1160.53.1.el7 (AXSA:2022-2973:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2973:02 advisory. kernel: perfeventparseaddrfilter memory CVE-2020-25704 kernel: fuse: fusedogetattr calls makebadinode in inappropriate situations CVE-2020-36322...

kernel: Heap buffer overflow in firedtv driver

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...

USN-5267-2: Linux kernel regression

USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

USN-5268-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. CVE-2021-20322 It was discovered that the Bluetooth...

USN-5266-1 linux-gke, linux-gke-5.4 vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...

kernel: Heap buffer overflow in firedtv driver

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...

kernel: Heap buffer overflow in firedtv driver

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...

USN-5207-1 linux-oem-5.10 vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that the eBPF implementation in the Linux...

USN-5165-1 linux-oem-5.14 vulnerabilities

It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface NCI implementation. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3760 It was discovered...

CVE-2021-3542

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of this candidate. All references and descriptions in this candidate have been removed t...