Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9927)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9927 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566752 CVE-2022-3028 Tenable has extracted the preceding description block...

USN-5684-1 linux-azure vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

CVE-2022-3533

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parseusdtarg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument regname leads to memory leak. It is recommended to apply a patch to fix this issue. The...

CVE-2022-42464

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...

CVE-2022-42464

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...

Design/Logic Flaw

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...

CVE-2022-42464

CVE-2022-42464 affects OpenHarmony v3.1.2 and earlier (including 3.0.6 and prior) with a Kernel memory pool override in the /dev/mmz_userdev device driver. The vulnerability allows an unprivileged process to mmap kernel memory pools and override them, potentially exposing kernel pointers and enab...

CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...

CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...

PT-2022-26447 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions 3.1.2 and prior OpenHarmony versions 3.0.6 and prior Description: The issue is related to a Kernel memory pool override vulnerability in the /dev/mmz userdev device driver. The impact depends on the privileges of the...

USN-5677-1 linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

Microsoft Kernel Memory Information Disclosure Vulnerability

Microsoft Windows is a set of operating systems for personal devices from the U.S. Microsoft Kernel Memory has an information disclosure vulnerability that stems from inadequate protection of sensitive information on network systems or products, which can be exploited by attackers to obtain...

CVE-2022-20421

In binderincreffornode of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...

Information disclosure

Windows Kernel Memory Information Disclosure Vulnerability...

USN-5669-1 linux, linux-dell300x, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9870)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9870 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

Ubuntu: Security Advisory (USN-5655-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5644-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-32828

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory...

CVE-2022-32825

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory...