188 matches found
Linux Distros Unpatched Vulnerability : CVE-2008-4996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor...
Linux Distros Unpatched Vulnerability : CVE-2016-8637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used,...
CVE-2008-4996
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is used in a single-user context; there's no possibility that this is exploitable...
kernel: initramfs: avoid filename buffer overrun
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
Oracle Linux VM Restored to Azure Fails to Boot
Challenge After restoring a VM to Azure that ran Oracle Linux, that VM fails to boot. Cause Some Oracle Linux deployments may not include the Hyper-V-related UEK Unbreakable Enterprise Kernel modules, such as: hvvmbus hvstorvsc hvutils hvnetvsc When these modules are missing, issues can occur...
The vulnerability of the do_name() function in the init/initramfs.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the doname function in the init/initramfs.c module of the Linux kernel is related to memory allocation beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
Linux Distros Unpatched Vulnerability : CVE-2024-53142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver- api/early-userspace/buffer-format.rst as: 37 cpiofile ...
CLSA-2025-1739525834 kernel: Fix of 24 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...
CLSA-2025-1739525795 kernel: Fix of 24 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...
CLSA-2025-1739292069 kernel: Fix of 13 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...
CLSA-2025-1738672047 kernel: Fix of 15 CVEs
drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread CVE-2024-50282 - drm/amdgpu: fix usage slab after free CVE-2024-56551 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 - netfilter: ipset: add missing range check in bitmapipuadt CVE-2024-53141 - ceph: prevent...
CLSA-2025-1738592614 kernel: Fix of 26 CVEs
xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer CVE-2024-53103 - scsi: sg: Fix slab-use-after-free read in sgrelease CVE-2024-56631 - net: inet: do not leave a dangling sk pointer in inetcreate CVE-2024-56601 -...
initramfs: avoid filename buffer overrun
...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment CVE-2024-26907 In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to...
CVE-2024-53142
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
SUSE CVE-2024-53142
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
CVE-2024-53142
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
AZL-54087 CVE-2024-53142 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
DEBIAN-CVE-2024-53142
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
AZL-54094 CVE-2024-53142 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...