Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2021-4191)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4191 advisory. - security: fix SELinux label generation logic CVE-2021-3631 - storagedriver: Unlock object on ACL fail in storagePoolLookupByTargetPath CVE-2021-3667 ...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in the Google Android Kernel. The vulnerability stems from an out-of-bounds write due to improper locking in the dwc3gadgetep0queue of ep0.c. An attacker could use this...

Google Android 信息泄露漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. The vulnerability originates in monsmcloadsp in gs101-sc/plat/samsung/exynos/soc/exynos9845/smcbooting.S due to improper locking, which can be exploited b...

PUB-A-174049006

In regmapexit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-174049066

In configfsopenfile of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-198713939

In monsmcloadsp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smcbooting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-157294279

In dwc3gadgetep0queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2021:3586-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3586-1 advisory. - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath...

SUSE SLES15 Security Update : libvirt (SUSE-SU-2021:3540-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3540-1 advisory. - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath...

CVE-2021-0625

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996...

Memory corruption

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996...

CVE-2021-0940

In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-0625

CVE-2021-0625 affects MediaTek’s ccu (camera control processor). The Red Hat/NVD entries describe memory corruption due to improper locking, enabling local escalation of privilege with System execution privileges required and no user interaction. The vulnerability impact is stated as local, with ...

CVE-2021-0625

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996...

SUSE: Security Advisory (SUSE-SU-2021:3277-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2021:3277-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3277-1 advisory. - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

SUSE-SU-2021:3277-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2021-3667: Fixed an improper locking on ACL failure in virStoragePoolLookupByTargetPath API. bsc1188843...

PUB-A-171315276

In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

PT-2021-7209 · Mariadb +5 · Mariadb Server +5

Name of the Vulnerable Software and Affected Versions: MariaDB Server versions prior to 10.7 Description: The issue is related to a denial of service vulnerability in the xbstream open method, located in extra/mariabackup/ds xbstream.cc. When an error occurs, specifically when stream ctxt-dest fi...

PT-2021-7211 · Mariadb +6 · Mariadb Server +6

Name of the Vulnerable Software and Affected Versions: MariaDB Server versions prior to 10.7 Description: The issue is related to a denial of service vulnerability. In the extra/mariabackup/ds compress.cc file, when an error occurs while executing the create worker threads method, the held lock i...