2811 matches found
About the security content of iOS 13.3.1 and iPadOS 13.3.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
USN-4390-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1486-1)
This update for the Linux Kernel 4.4.121-92129 fixes several issues. The following security issues were fixed : CVE-2020-12653: Fixed a buffer overflow in mwifiexcmdappendvsietlv which could have allowed local users to gain privileges or cause a denial of service bsc1171254. CVE-2020-12654: Fixed...
USN-4391-1: Linux kernel vulnerabilities
It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-19319 It was discovered that memory...
USN-4390-1: Linux kernel vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
USN-4390-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
Ubuntu: Security Advisory (USN-4390-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4388-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4388-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4390-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4390-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4391-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4391-1 advisory. It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local...
USN-4388-1: Linux kernel vulnerabilities
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...
Amazon Linux 2 : kernel (ALAS-2020-1431)
The version of kernel installed on the remote host is prior to 4.14.181-140.257. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1431 advisory. In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-...
Amazon Linux AMI : kernel (ALAS-2020-1377)
The version of kernel installed on the remote host is prior to 4.14.181-108.257. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1377 advisory. In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-...
CVE-2020-3220
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Design/Logic Flaw
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220 Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
CVE-2020-3220
The CVE-2020-3220 issue affects Cisco IOS XE Software on Cisco 4300 Series ISRs and Cisco Catalyst 9800-L Wireless Controllers, where the hardware crypto driver fails to properly verify ESP packet authenticity. This can allow an unauthenticated, remote attacker to perform a man-in-the-middle tamp...
CVE-2020-3220 Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1618)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...