33 matches found
EUVD-2011-2202
Malware in sbrugna...
EUVD-2010-3858
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-42106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12618)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12618 advisory. - net: mana: Fix possible double free in error handling path Ma Ke Orabug: 36897038 CVE-2024-42069 - net: relax socket state check at accept time...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12610)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12610 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36947196 CVE-2024-40968 - drm/amdgpu: Fix signedness bug in sdmav40processtrapirq...
SUSE-SU-2024:3189-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-43907: drm/amdgpu/pm: fix the null pointer dereference in applystateadjustrules bsc1229787. - CVE-2024-43905: drm/amd/pm: fix the null pointer dereferenc...
SUSE CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2021-47597 inet_diag: fix kernel-infoleak for UDP sockets
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
CVE-2021-47597 inet_diag: fix kernel-infoleak for UDP sockets
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
OESA-2023-1180 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw in the Linux Kernel found. Fail if no bound addresses can be used for a given scope. A type confusion can happen in inetdiagmsgsctpasocfill in net/sctp/diag.c, which uses a type confused pointer to return information to...
GSD-2021-1002740 inet_diag: fix kernel-infoleak for UDP sockets
inetdiag: fix kernel-infoleak for UDP sockets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.11 by commit...
GSD-2021-1002695 inet_diag: fix kernel-infoleak for UDP sockets
inetdiag: fix kernel-infoleak for UDP sockets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by commit...
GSD-2021-1002671 inet_diag: fix kernel-infoleak for UDP sockets
inetdiag: fix kernel-infoleak for UDP sockets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-2034)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-28915: A buffer over-read at the framebuffer layer in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def bnc1178886. -...
DEC Alpha Linux <= 3.0 - Local Root Exploit
No description provided by source. / DEC Alpha Linux = 3.0 local root exploit by Dan Rosenberg @djrbliss Usage: $ gcc alpha-omega.c -o alpha-omega $ ./alpha-omega Notes: -Payload specific to = 2.6.28 no cred struct, modify as needed -Socket trigger tested on 2.6.28 adjust offset as needed -INETDI...
openSUSE Security Update : kernel (openSUSE-SU-2012:0236-1)
The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...