13 matches found
CVE-2022-23523
In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...
CVE-2023-38486
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime...
CVE-2023-38486
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486
The CVE-2023-38486 entry describes a flaw in the secure boot implementation on Aruba 9200 and 9000 Series Controllers and Gateways. The issue allows bypassing the secure-boot protections that normally prohibit unsigned kernel images from executing, enabling an attacker to run arbitrary runtime op...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
PT-2023-26466 · Aruba · Aruba 9000 Series Gateways +3
Name of the Vulnerable Software and Affected Versions: Aruba 9200 and 9000 Series Controllers and Gateways (affected versions not specified)
Description: A vulnerability in the secure boot implementation allows an attacker to bypass security controls, which would normally prohibit unsigned kernel...
CVE-2022-23523
In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...
GHSA-52H2-M2CF-9JH6 linux-loader reading beyond EOF could lead to infinite loop
Impact The linux-loader crate used the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets pointed beyond the end of the file this could lead to an infinite loop. Virtual Machine Monitors using the linux-loader crate could enter an infinite loop i...
Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20120731)
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Scientific Linux. A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest (a DomU) could use...
Debian DSA-1592-1 : linux-2.6 - heap overflow
Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2008-1673 Wei Wang from McAfee reported a potential heap overflow in the ASN.1...
Ubuntu 4.10 : linux-source-2.6.8.1 vulnerability (USN-39-1)
USN-30-1 fixed several flaws in the Linux ELF binary loader's handling of setuid binaries. Unfortunately it was found that these patches were not sufficient to prevent all possible attacks on 64-bit platforms, so previous amd64 kernel images were still vulnerable to root privilege escalation if...
PT-2004-3658 · Debian +3 · Debian +3
Name of the Vulnerable Software and Affected Versions:
usbvision-kmp-default versions affected versions not specified
usbvision-kmp-bigsmp versions affected versions not specified
usbvision-kmp-xenpae versions affected versions not specified
usbvision-kmp-xen versions affected versions not...