Linux kernel 信息泄露漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an information disclosure vulnerability that originates in the Linux kernel's TIPC protocol subsystem due to uninitialized memory that sends TIPC...

USN-5276-1 nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server, nvidia-graphics-drivers-510 vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service...

PT-2022-7613 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fix commit Description: The issue is related to a NULL pointer dereference in the zynq qspi exec mem op function. This occurs because kzalloc is directly used in memset, which could lead to a NULL pointer...

The vulnerability of the kernel of Juniper Networks Junos OS routers vMX and MX150 allows a hacker to cause a service failure.

The vulnerability of Juniper Networks Junos OS routers vMX and MX150 lies in memory release errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Linux kernel 信息泄露漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an information disclosure vulnerability that stems from a vulnerability found in the Linux kernel's eBPF validation program when dealing with...

CVE-2021-33625

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel has a security vulnerability that can be exploited by attackers to obtain internal kernel memory information...

Important: kernel

Issue Overview: A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. CVE-2021-20321 This vulnerability allows local attackers to escalate privileges...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF...

UBUNTU-CVE-2022-0264

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...

USN-5163-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expos...

CVE-2021-29632

In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...

CVE-2021-29632

Removed by vendor...

SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:0068-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0068-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2019-15126:...

FreeBSD Buffer Overflow Vulnerability (CNVD-2022-08173)

FreeBSD is a set of Unix-like operating systems from the Freebsd Foundation. FreeBSD vt console is vulnerable to a buffer overflow vulnerability, which stems from a boundary error. An attacker could exploit this vulnerability to trigger a buffer overflow and overwrite data structures associated...

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2022:0056-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0056-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2021-45485: Fixed an information...

FreeBSD 缓冲区错误漏洞

FreeBSD is a set of Unix-like operating systems from the Freebsd Foundation. FreeBSD vt console is vulnerable to a buffer overflow vulnerability, which stems from a boundary error. An attacker could exploit this vulnerability to trigger a buffer overflow and overwrite data structures associated...

DEBIAN-CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...