2808 matches found
USN-4391-1: Linux kernel vulnerabilities
It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-19319 It was discovered that memory...
USN-4390-1: Linux kernel vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
USN-4390-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4391-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4391-1 advisory. It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local...
Ubuntu: Security Advisory (USN-4390-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4388-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4388-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4390-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4390-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some...
USN-4388-1: Linux kernel vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
Amazon Linux AMI : kernel (ALAS-2020-1377)
The version of kernel installed on the remote host is prior to 4.14.181-108.257. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1377 advisory. In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-...
Amazon Linux 2 : kernel (ALAS-2020-1431)
The version of kernel installed on the remote host is prior to 4.14.181-140.257. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1431 advisory. In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-...
CVE-2020-3220
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Design/Logic Flaw
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220 Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220 Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220
The CVE-2020-3220 issue affects Cisco IOS XE Software on Cisco 4300 Series ISRs and Cisco Catalyst 9800-L Wireless Controllers, where the hardware crypto driver fails to properly verify ESP packet authenticity. This can allow an unauthenticated, remote attacker to perform a man-in-the-middle tamp...
Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1618)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2020:1486-1 Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2)
This update for the Linux Kernel 4.4.121-92129 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiexcmdappendvsietlv which could have allowed local users to gain privileges or cause a denial of service bsc1171254. - CVE-2020-12654:...
SUSE-SU-2020:1452-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19740 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiexcmdappendvsietlv which could have allowed local users to gain privileges or cause a denial of service bsc1171254. - CVE-2020-12654:...
Huawei Data Communication: Multiple Vulnerabilities in IPsec IKE implementations of Huawei Firewall Products (huawei-sa-20180411-01-Bleichenbacher)
There is a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...