Mozilla: Out of bound write due to lazy initialization

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Mozilla: Out of bound write due to lazy initialization

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Mozilla: Out of bound write due to lazy initialization

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4752-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4752-1 advisory. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure- connections pairing authentication in the...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-1531)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4752-1: Linux kernel (OEM) vulnerabilities

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...

USN-4660-2: Linux kernel regression | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This updat...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9001)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9001 advisory. - fbdev, newportcon: Move FONTEXTRAWORDS macros into linux/font.h Peilin Ye Orabug: 32176267 CVE-2020-28915 Tenable has extracted the preceding...

USN-4659-2: Linux kernel regression

USN-4659-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existe...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel regression (USN-4658-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4658-2 advisory. USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with...

USN-4659-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-0423 Daniele Antonioli, Nils Ole...

openSUSE Security Update : the Linux Kernel (openSUSE-2020-2034)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-28915: A buffer over-read at the framebuffer layer in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def bnc1178886. -...

CVE-2020-28915

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

Buffer overflow

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

CVE-2020-28915

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

CVE-2020-28915

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

CVE-2017-15124

VNC server implementation in Quick Emulator QEMU was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A...

UBUNTU-CVE-2017-14156

The atyfbioctl function in drivers/video/fbdev/aty/atyfbbase.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes...

USN-3361-1: Linux kernel (HWE) vulnerabilities

USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu...

DEBIAN-CVE-2017-1000044

gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering...