12 matches found
EUVD-2017-5405
Malware in sbrugna...
SUSE-SU-2020:0558-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources bsc1163971. -...
UBUNTU-CVE-2019-19815
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fsrecoverfsyncdata in fs/f2fs/recovery.c. This is related to F2FSPSB in fs/f2fs/f2fs.h...
kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image
The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4processfreeddata function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic...
CVE-2018-14611
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in trymergefreespace when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfscheckchunkvalid in fs/btrfs/volumes.c...
CVE-2018-14614
An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in removedirtysegment in fs/f2fs/segment.c when mounting an f2fs image...
PT-2018-10156 Ā· LinuxĀ +5 Ā· Linux KernelĀ +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the Linux kernel's ext4 filesystem, allowing a local user to cause an out-of-bound access in the ext4 get group info function. This can lead to a denial of service...
CVE-2018-4176
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Images" component. It allows attackers to trigger an app launch upon mounting a crafted disk image...
CVE-2017-13890
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site...
CVE-2017-13890
CVE-2017-13890 affects macOS CoreTypes (macOS
CVE-2017-13890
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site...
Linux Kernel EXT4 Error Handling Denial Of Service Vulnerability
Mounting a crafted EXT4 image as read-only leads to a kernel panic. Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB-device is required...