369 matches found
SUSE-SU-2026:20822-1 Security update for systemd
This update for systemd fixes the following issues: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. - udev: check for invalid...
CVE-2025-68257
CVE-2025-68257 : Linux kernel COMEDI subsystem vulnerability where compat ioctl handlers could dereference a NULL callback when the device was not attached. Root cause: compat ioctls lacked a proper sanity check of device attached status, allowing a NULL dereference in path leading to a crash. Fi...
EUVD-2018-6659
Malware in sbrugna...
UBUNTU-CVE-2020-29573
sysdeps/i386/ldbl2mpn.c in the GNU C Library aka glibc or libc6 before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
Information Leakage
The kernel packages is vulnerable to an information leakage. A flaw was found in the printfatalsignal implementation in the Linux kernel. When "/proc/sys/kernel/print-fatal-signals" is set to 1 the default value is 0, memory that is reachable by the kernel could be leaked to user-space. This issu...
Design/Logic Flaw
tssalloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service system crash due to incorrect I/O port access control on the i386 architecture...
CVE-2018-14775
tssalloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service system crash due to incorrect I/O port access control on the i386 architecture...
CVE-2018-14775
tssalloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service system crash due to incorrect I/O port access control on the i386 architecture...
CVE-2018-14775
CVE-2018-14775 affects OpenBSD 6.2 and 6.3, where the function tss_alloc in sys/arch/i386/i386/gdt.c mishandles I/O port access control on the i386 architecture. This leads to a Local Denial of Service (system crash). The impact is local, with no information about remote exploitation provided. Pa...
UBUNTU-CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...
USN-3542-1: Linux kernel vulnerabilities
Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...
MGASA-2017-0201 Updated libffi packages fix security vulnerability
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, such as t...
Debian DSA-3889-1 : libffi - security update (Stack Clash)
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...
PT-2017-3250 · Gnu +1 · Libffi +1
Name of the Vulnerable Software and Affected Versions: libffi versions prior to 3.1 Description: The issue is caused by libffi requesting an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. This is due to a buffer overflow operation in...
Debian: Security Advisory (DSA-3889-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2393)
This kernel update fixes the following security problems : - A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. 186226. CVE-2006-4145 - A potential crash when receiving IPX packets was fixed. This problem is thought not to be exploitable...
[USN-1029-1] OpenSSL vulnerabilities
=========================================================== Ubuntu Security Notice USN-1029-1 December 08, 2010 openssl vulnerabilities CVE-2008-7270, CVE-2010-4180 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...
CentOS 5 : kernel (CESA-2010:0147)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Solaris 4 (x86) : 104663-10
CDE 1.0.2x86: dtfile patch. Date this patch was last updated by Sun : Apr/22/99 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Openswan和strongSwan DPD报文远程拒绝服务漏洞
BUGTRAQ ID: 34296 CVECAN ID: CVE-2009-0790 Openswan和strongSwan都是Linux系统下的IPSEC实现。 死亡对等体检测(DPD)是IPsec IKE通知消息,使用ICOOKIE/RCOOKIE机制将入站报文匹配到已知的安全关联(ISAKMP)。在一个端点的ISAKMP状态已过期但另一个端点仍在使用旧状态发送DPD通知的情况下,如果远程攻击者向Openswan和strongSwan发送了恶意的RUTHERE或 RUTHEREACK通知报文的话,就会在不存在的状态对象st上触发空指针引用,导致pluto IKE守护程序崩溃并重启。...