Lucene search
K

80 matches found

RedHat Linux
RedHat Linux
added 2021/03/02 7:28 p.m.3 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/02 7:23 p.m.5 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/02 7:19 p.m.4 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/03/02 6:3 p.m.50 views

CVE-2020-14372

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS7.2AI score0.01738EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/03/02 6:0 p.m.38 views

CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

7.5CVSS6.8AI score0.01738EPSS
Exploits0References2
OSV
OSV
added 2021/03/02 6:0 p.m.1 views

UBUNTU-CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

7.5CVSS6.8AI score0.01738EPSS
Exploits0References3
Cloud Foundry
Cloud Foundry
added 2021/02/10 12:0 a.m.51 views

USN-4680-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service syste...

8.2CVSS7.9AI score0.06692EPSS
Exploits10Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.56 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4680-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4680-1 advisory. It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local...

8.2CVSS7.2AI score0.06692EPSS
Exploits10References10
Positive Technologies
Positive Technologies
added 2020/08/27 12:0 a.m.12 views

PT-2020-6588 · Grub2 +10 · Grub2 +10

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: A flaw was found in grub2 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System...

8.2CVSS6.9AI score0.04153EPSS
Exploits2References172
RedHat Linux
RedHat Linux
added 2020/07/29 8:19 p.m.8 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/07/29 8:19 p.m.5 views

kernel: lockdown: bypass through ACPI write via acpi_configfs

A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.2CVSS7.1AI score0.01314EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/07/29 7:40 p.m.4 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/07/29 7:40 p.m.2 views

kernel: lockdown: bypass through ACPI write via acpi_configfs

A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.2CVSS7.1AI score0.01314EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/07/29 6:34 p.m.2 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/07/29 6:34 p.m.3 views

kernel: lockdown: bypass through ACPI write via acpi_configfs

A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.2CVSS7.1AI score0.01314EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/07/29 6:31 p.m.4 views

kernel: lockdown: bypass through ACPI write via acpi_configfs

A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.2CVSS7.1AI score0.01314EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/07/29 6:31 p.m.5 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2020/07/16 6:9 p.m.43 views

CVE-2020-15780

A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.2CVSS2.3AI score0.01314EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/07/16 5:7 p.m.46 views

CVE-2019-20908

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS2.4AI score0.00514EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2019/02/01 12:0 a.m.50 views

CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks...

5.6CVSS6.8AI score0.00543EPSS
Exploits0References7
Rows per page
Query Builder