UVI-2021-1000453 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.191 by commit...

GSD-2021-1000257 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

UVI-2021-1000425 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...

GSD-2021-1000425 powerpc/64s: Fix pte update for kernel memory on radix

powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...

CVE-2021-33200

A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability ...

Linux kernel buffer overflow vulnerability (CNVD-2021-39045)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in Linux Kernel version 5.12.7 and prior versions, which stems from an incorrect restriction enforced on pointer arithmetic operations that...

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...

CVE-2020-13600

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions = 1.14.2, = 2.3.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr...

CVE-2020-13600

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions = 1.14.2, = 2.3.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr...

Apple iPadOS 访问控制错误漏洞

Apple iPadOS is an operating system from Apple Inc. for the iPad tablet computer. Apple iPadOS suffers from an Access Control Error vulnerability that stems from improper access restrictions in the kernel subsystem. A native application can bypass implemented security restrictions and expose...

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. macOS is vulnerable to a privilege-granting and access-control issue, which arises from an application that does not properly impose security restrictions within the AMD subsystem. A local user can trigger a...

CVE-2020-13600 Malformed SPI in response for eswifi can corrupt kernel memory

Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions = 1.14.2, = 2.3.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr...

Denial Of Service (DoS)

linux-gke-5.3:bionic is vulnerable to denial of service. An issue was discovered in the Linux kernel kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. macOS Big Sur suffers from a buffer error vulnerability that originates from a local user being able to run a specially designed program to trigger an out-of-bounds read error and read the contents of kernel memory on the system...

Juniper Junos OS DoS (JSA11125)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11125 advisory. On Juniper Networks Junos OS platforms with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but...

kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c

A flaw was found in the Linux kernel’s sofsetgetlargectrldata function, in the way it handled memory cleanup in a specific error path. A local attacker could use this flaw to crash the system...

kernel: perf_event_parse_addr_filter memory

A memory leak flaw was found in the Linux kernel’s performance monitoring subsystem when using PERFEVENTIOCSETFILTER. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4948-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4948-1 advisory. Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a rin...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...