80 matches found
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
CVE-2020-14372
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...
UBUNTU-CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...
USN-4680-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service syste...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4680-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4680-1 advisory. It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local...
PT-2020-6588 · Grub2 +10 · Grub2 +10
Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: A flaw was found in grub2 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System...
kernel: lockdown: bypass through ACPI write via efivar_ssdt
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
kernel: lockdown: bypass through ACPI write via acpi_configfs
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
kernel: lockdown: bypass through ACPI write via efivar_ssdt
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
kernel: lockdown: bypass through ACPI write via acpi_configfs
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
kernel: lockdown: bypass through ACPI write via efivar_ssdt
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
kernel: lockdown: bypass through ACPI write via acpi_configfs
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
kernel: lockdown: bypass through ACPI write via acpi_configfs
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
kernel: lockdown: bypass through ACPI write via efivar_ssdt
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
CVE-2020-15780
A flaw was found in how the ACPI table loading through acpiconfigfs was handled when the kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2019-20908
A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...
CVE-2019-7308
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks...