kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.33 and fixes at least the following security issues: A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If...

PT-2021-7660 · Dell · Dbutil 2 3.Sys

Name of the Vulnerable Software and Affected Versions: Dell dbutil 2 3.sys driver affected versions not specified Description: The Dell dbutil 2 3.sys driver contains an insufficient access control vulnerability, which may lead to escalation of privileges, denial of service, or information...

ASB-A-174588870

In kbasememflagschange of malikbasememlinux.c, there is a possible overlapping kernel memory regions due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

macOS 10.14.x < 10.14.6 Security Update 2021-003 Mojave (HT212327)

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-003 Mojave It is, therefore, affected by multiple vulnerabilities, including the following: - An application may be able to execute arbitrary code with system privileges due to...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

Apple Kernel 缓冲区错误漏洞

The Apple Kernel is the kernel for Apple devices from Apple Inc. in the United States. A security vulnerability exists in the Apple Kernel, which can be exploited by a local user to read kernel memory. The following products and versions are affected: iPhone 6s and later, iPad Pro all models, iPa...

Apple iOS 安全漏洞

Apple iOS is an operating system developed by Apple Inc. for mobile devices. A security vulnerability exists in Apple iOS, where a malicious application may be able to determine the kernel memory layout. The following products and versions are affected: iPhone 6s and later, iPad Pro all models,...

About the security content of iCloud for Windows 12.3

About the security content of iCloud for Windows 12.3 This document describes the security content of iCloud for Windows 12.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically for sequences of pointer arithmetic operations the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.

...

CVE-2021-0272

A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators FPCs on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service DoS to the device. On QFX10002-32Q, QFX10002-60C...

CVE-2021-0272

A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators FPCs on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service DoS to the device. On QFX10002-32Q, QFX10002-60C...

CVE-2021-0230

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

Design/Logic Flaw

A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators FPCs on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service DoS to the device. On QFX10002-32Q, QFX10002-60C...

CVE-2021-0230

CVE-2021-0230 affects Juniper Networks Junos OS on SRX Series devices with link aggregation (lag). When performing operations that fetch AE interface statistics (e.g., SNMP GET), a slow kernel memory leak can consume memory, potentially impacting traffic and requiring a reboot. Affected versions ...

CVE-2021-0230 Junos OS: SRX Series: Memory leak when querying Aggregated Ethernet (AE) interface statistics

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

PT-2021-12943 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series versions 17.1R3 through 17.3R3-S10 Juniper Networks Junos OS on SRX Series versions 17.4 through 17.4R3-S4 Juniper Networks Junos OS on SRX Series versions 18.2 through 18.2R3-S6 Juniper Networks Junos ...

CVE-2021-1075

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of...

DEBIAN-CVE-2021-29155

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences ...