Lucene search
K

80 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.26 views

Rocky Linux 8 : shim (RLSA-2021:1734)

The remote Rocky Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2021:1734 advisory. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw...

8.2CVSS7.8AI score0.01738EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/05/20 2:16 a.m.5 views

SUSE CVE-2023-32246

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...

5.5CVSS6.6AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.6 views

SUSE CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

7.5CVSS6.6AI score0.01738EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.10 views

SUSE CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS6.9AI score0.002EPSS
Exploits0References17
Oracle linux
Oracle linux
added 2022/11/22 12:0 a.m.23 views

ignition security, bug fix, and enhancement update

2.14.0-1 - New release - Add ignition-apply symlink - Add ignition-rmcfg symlink and ignition-delete-config.service 2.13.0-2 - Rename -validate-nonlinux subpackage to -validate-redistributable - Add static Linux binaries to -redistributable - Fix macro invocation in comment - Avoid kernel lockdow...

6.5CVSS2.5AI score0.01158EPSS
Exploits0
Amazon
Amazon
added 2022/09/12 12:0 a.m.10 views

Medium: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

7.5CVSS5AI score0.05542EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/08/23 12:0 a.m.64 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...

7.8CVSS7.4AI score0.04947EPSS
Exploits1References14
OSV
OSV
added 2022/08/10 7:23 a.m.12 views

SUSE-SU-2022:2741-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service bnc1201940. - CVE-2022-29581: Fixed improper update of reference...

7.8CVSS7.9AI score0.05542EPSS
Exploits11References48
OpenVAS
OpenVAS
added 2022/08/08 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2022-0279)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.04947EPSS
Exploits1References8
OSV
OSV
added 2022/07/30 11:4 a.m.6 views

OESA-2022-1794 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfbread function. The vulnerability could result in local attackers being able to crash the kernel.CVE-2022-2380 In USB...

6.7CVSS6.3AI score0.00215EPSS
Exploits0References4
OSV
OSV
added 2022/07/21 12:4 a.m.4 views

SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...

7CVSS7.4AI score0.00612EPSS
Exploits0References7
OSV
OSV
added 2022/07/20 2:4 a.m.7 views

SUSE-SU-2022:2446-1 Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9580 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

7CVSS7.4AI score0.00612EPSS
Exploits0References7
OSV
OSV
added 2022/07/19 9:4 p.m.11 views

SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

7CVSS7.4AI score0.00612EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/07/19 5:0 p.m.36 views

CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS6.7AI score0.002EPSS
Exploits0References3
OSV
OSV
added 2022/07/19 3:33 p.m.6 views

SUSE-SU-2022:2438-1 Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122116 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

7CVSS7.4AI score0.00612EPSS
Exploits0References7
OSV
OSV
added 2022/06/20 8:31 a.m.7 views

SUSE-SU-2022:2116-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...

7.8CVSS8.1AI score0.06451EPSS
Exploits8References61
OSV
OSV
added 2022/06/14 7:7 p.m.7 views

SUSE-SU-2022:2082-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks...

9.8CVSS7.3AI score0.06451EPSS
Exploits6References67
OSV
OSV
added 2022/06/09 9:15 p.m.3 views

DEBIAN-CVE-2022-21499

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...

6.7CVSS6.3AI score0.00612EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/09/28 2:40 p.m.6 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/07/20 10:22 p.m.6 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
Rows per page
Query Builder