Lucene search
K

105 matches found

Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.50 views

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-1523)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication...

8CVSS7AI score0.05528EPSS
Exploits12References7
RedhatCVE
RedhatCVE
added 2022/03/24 7:9 p.m.20 views

CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.1CVSS3.5AI score0.00161EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/02/22 12:0 a.m.52 views

SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2022:0543-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0543-1 advisory. The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

9CVSS7.4AI score0.67994EPSS
Exploits11References57
OSV
OSV
added 2022/02/21 12:51 p.m.9 views

SUSE-SU-2022:0543-1 Security update for the Linux RT Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195254. - CVE-2022-0286: Fixed null pointer...

7.8CVSS8.2AI score0.05918EPSS
Exploits9References48
OSV
OSV
added 2022/02/11 8:25 a.m.14 views

SUSE-SU-2022:0372-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195254. - CVE-2021-3564: Fixed double-free...

9CVSS7.3AI score0.67994EPSS
Exploits10References55
OSV
OSV
added 2022/02/10 4:1 p.m.10 views

SUSE-SU-2022:0363-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195254. - CVE-2022-0330: Fixed flush TLBs befo...

9CVSS7.8AI score0.67994EPSS
Exploits13References45
NVD
NVD
added 2021/12/15 7:15 p.m.15 views

CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.1CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 2021/12/15 7:15 p.m.20 views

CVE-2021-1042

In dsipaneldebugfsreadcmdset of dsipanel.c, there is a possible disclosure of freed kernel heap memory due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

4.4CVSS0.00119EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/12/15 7:15 p.m.35 views

CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.1CVSS7AI score0.00161EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/12/15 6:5 p.m.29 views

CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.1CVSS5.6AI score0.00161EPSS
Exploits0
CVE
CVE
added 2021/12/15 6:5 p.m.77 views

CVE-2021-1042

CVE-2021-1042 affects the Android kernel component dsi_panel.c (function dsi_panel_debugfs_read_cmdset). It describes a use-after-free that can disclose freed kernel heap memory, enabling local information disclosure with system privileges (no user interaction required). Connected sources (NVD, R...

4.4CVSS4.2AI score0.00119EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/12/01 12:0 a.m.11 views

PUB-A-160822094

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

4.1CVSS5.3AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.58 views

Amazon Linux 2 : kernel (ALAS-2021-1600)

The version of kernel installed on the remote host is prior to 4.14.219-161.340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1600 advisory. 2024-05-23: CVE-2023-1390 was added to this advisory. A use-after-free flaw was found in kernel/trace/ringbuffer.c...

8.1CVSS6.7AI score0.06563EPSS
Exploits1References16
ATTACKERKB
ATTACKERKB
added 2020/08/06 12:0 a.m.42 views

CVE-2020-7460

In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...

7CVSS2.9AI score0.00721EPSS
Exploits0References4
seebug.org
seebug.org
added 2017/12/15 12:0 a.m.50 views

MacOS getrusage stack leak through struct padding(CVE-2017-13869)

For 64-bit processes, the getrusage syscall handler converts a struct rusage to a struct user64rusage using mungeuser64rusage, then copies the struct user64rusage to userspace: int getrusagestruct proc p, struct getrusageargs uap, unused int32t retval struct rusage rup, rubuf; struct user64rusage...

6.6AI score0.04736EPSS
Exploits3
exploitpack
exploitpack
added 2017/12/11 12:0 a.m.28 views

Apple macOS - getrusage Stack Leak Through struct Padding

Apple macOS - getrusage Stack Leak Through struct Padding / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1405 For 64-bit processes, the getrusage syscall handler converts a struct rusage to a struct user64rusage using mungeuser64rusage, then copies the struct user64rusage to...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/12/11 12:0 a.m.35 views

Apple macOS - 'getrusage' Stack Leak Through struct Padding

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1405 For 64-bit processes, the getrusage syscall handler converts a struct rusage to a struct user64rusage using mungeuser64rusage, then copies the struct user64rusage to userspace: int getrusagestruct proc p, struct getrusagearg...

7.4AI score
Exploits0
NVD
NVD
added 2017/10/04 1:29 a.m.20 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS4.9AI score0.00414EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2017/10/03 7:0 a.m.32 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS6.2AI score0.00414EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/10/03 12:0 a.m.29 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS6.8AI score0.00414EPSS
Exploits0References5
Rows per page
Query Builder