CVE-2012-0953

The CVE-2012-0953 entry describes a race condition in the Linux Nvidia graphics driver that could allow an attacker to exfiltrate kernel memory to userspace. Affected component: Nvidia graphics driver for Linux (pre-295.53). Root cause: a race condition in the driver’s ioctl/path to memory, enabl...

CVE-2012-0953 Kernel heap contents leak race in ioctl handler

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

NVIDIA Display driver competitive conditions issue vulnerability

NVIDIA graphics driver is a graphics driver from the American company NVIDIA. A competing condition issue vulnerability exists in NVIDIA Display driver Linux versions prior to 295.53. An attacker could exploit this vulnerability to leak kernel memory into user space...

CVE-2020-7453

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

CVE-2020-7453

CVE-2020-7453 affects FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7. A missing NULL-termination check in the jail_set configuration option "osrelease" may cause jail_get to return more bytes than were s...

CVE-2020-7453

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

CVE-2020-7453

Removed by vendor...

CVE-2020-7451

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

Information Disclosure

kvm is vulnerable to information disclosure. The vulnerability exists as it was found that some structure padding and reserved fields in certain data structures in QEMU-KVM were not initialized properly before being copied to user-space. A privileged host user with access to "/dev/kvm" could use...

Arbitrary Memory Read

The Linux kernel is vulnerable to arbitrary memory read. A flaw in the IPv6 socket option handling allows a local user to read arbitrary kernel memory...

LSN-0065-1: Kernel Live Patch Security Notice

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 It was discovered that the KVM implementation in the Linux kernel, when...

CVE-2020-1625

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging IRB is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons processes, leading to an...

CVE-2019-3892

A race condition was found between mmgetnotzero/gettaskmm when core dumping tasks. A local attacker is able to exploit race condition where locking of semaphore would allow an attacker to leak kernel memory to userspace...

Ubuntu: Security Advisory (USN-4318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4320-1: Linux kernel vulnerability

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

Exploit for Use of Uninitialized Resource in Microsoft

CVE-2020-1206 Uninitialized Kernel Memory Read POC c 2020 Z...

UBUNTU-CVE-2020-11494

An issue was discovered in slcbump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized canframe data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIGINITSTACKALL, aka CID-b9258a2cece4...

CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...