UVI-2021-1000362 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

UVI-2021-1000425 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...

CVE-2021-33200

A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability ...

Linux kernel buffer overflow vulnerability (CNVD-2021-39045)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in Linux Kernel version 5.12.7 and prior versions, which stems from an incorrect restriction enforced on pointer arithmetic operations that...

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...

CVE-2020-13600

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions = 1.14.2, = 2.3.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr...

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. macOS is vulnerable to a privilege-granting and access-control issue, which arises from an application that does not properly impose security restrictions within the AMD subsystem. A local user can trigger a...

CVE-2020-13600 Malformed SPI in response for eswifi can corrupt kernel memory

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions = 1.14.2, = 2.3.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr...

Denial Of Service (DoS)

linux-gke-5.3:bionic is vulnerable to denial of service. An issue was discovered in the Linux kernel kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. macOS Big Sur suffers from a buffer error vulnerability that originates from a local user being able to run a specially designed program to trigger an out-of-bounds read error and read the contents of kernel memory on the system...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4948-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4948-1 advisory. Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a rin...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.33 and fixes at least the following security issues: A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

About the security content of iCloud for Windows 12.3

About the security content of iCloud for Windows 12.3 This document describes the security content of iCloud for Windows 12.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

CVE-2021-0230 Junos OS: SRX Series: Memory leak when querying Aggregated Ethernet (AE) interface statistics

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

Design/Logic Flaw

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences ...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...