12 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, if the IMA appraisal method is used with the “imaappraise=log” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraise=log” parameter from being set during boot, but this does not cover...
EUVD-2022-26729
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-21505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the linux kernel, if IMA appraisal is used with the imaappraise=log boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabl...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
DEBIAN-CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
Authentication Bypass
Linux kernel is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly enforce policy in certain conditions, which allows an attacker to bypass the Kernel lockdown restrictions when UEFI secure boot is disabled or unavailable and IMA appraisal is enabl...
Mageia: Security Advisory (MGASA-2022-0279)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
PT-2022-4442 · Linux +7 · Linux Kernel +7
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's IMA appraisal feature, which can be used to bypass lockdown mechanisms when Secure Boot is disabled or unavailable. This can be achieved by...