EUVD-2021-26916

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-3612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl...

K01311313: Linux kernel vulnerability CVE-2021-3612

Security Advisory Description An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the...

kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()

An out-of-bounds memory write flaw was found in the Linux kernel’s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2022-0015)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl...

NewStart CGSL MAIN 6.02 : kernel Vulnerability (NS-SA-2022-0068)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by a vulnerability: - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuffer in the file...

Debian DLA-2843-1 : linux - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory. - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listene...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5071-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5071-3 advisory. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations,...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5073-2)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5073-2 advisory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM ...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5073-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5073-1 advisory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM ...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5070-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5070-1 advisory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:2687-1 Rating: important References: 1065729 1085224 1094840 1113295 1152472 1152489 1153274 1154353 1155518 1156395 1170511 1176447 1176940 1179243 1180092 1180814 1183871 1184114 1184350 1184631...

openSUSE: Security Advisory for the (openSUSE-SU-2021:2645-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2645-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2645-1 advisory. - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:2645-1 Rating: important References: 1065729 1085224 1094840 1113295 1152472 1152489 1153274 1154353 1155518 1156395 1170511 1176447 1176940 1179243 1180092 1180814 1183871 1184114 1184350 1184631...

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1076-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1076-1 advisory. - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2408-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2408-1 advisory. - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain...

[ASA-202107-50] linux-hardened: privilege escalation

Arch Linux Security Advisory ASA-202107-50 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2183 Summary ======...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2416-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2416-1 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because th...