Race condition

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

CVE-2012-0953 Kernel heap contents leak race in ioctl handler

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

CVE-2012-0953

The CVE-2012-0953 entry describes a race condition in the Linux Nvidia graphics driver that could allow an attacker to exfiltrate kernel memory to userspace. Affected component: Nvidia graphics driver for Linux (pre-295.53). Root cause: a race condition in the driver’s ioctl/path to memory, enabl...

CVE-2012-0953

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

NVIDIA Display driver competitive conditions issue vulnerability

NVIDIA graphics driver is a graphics driver from the American company NVIDIA. A competing condition issue vulnerability exists in NVIDIA Display driver Linux versions prior to 295.53. An attacker could exploit this vulnerability to leak kernel memory into user space...

UBUNTU-CVE-2020-12656

gssmechfree in net/sunrpc/authgss/gssmechswitch.c in the rpcsecgsskrb5 implementation in the Linux kernel through 5.6.10 lacks certain domainrelease calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a...

CVE-2020-7453

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

CVE-2020-7453

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

Null pointer dereference

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4344-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4344-1 advisory. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly u...

CVE-2020-7453

CVE-2020-7453 affects FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7. A missing NULL-termination check in the jail_set configuration option "osrelease" may cause jail_get to return more bytes than were s...

CVE-2020-7453

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jailset configuration option "osrelease" may return more bytes with a subsequent jailget system call allowing a...

CVE-2020-7453

Removed by vendor...

CVE-2020-7451

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

CVE-2020-7451

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

Memory corruption

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

CVE-2020-7451

CVE-2020-7451 affects FreeBSD: TCP servers sending or retransmitting IPv6 SYN-ACK (and challenge ACK) segments may disclose one byte of kernel memory due to Traffic Class not initialized. Affected: FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740...

kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service

A kernel memory leak was found in the kernelreadfile function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service DoS...

kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service

A kernel memory leak was found in the kernelreadfile function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service DoS...

kernel: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allows for a DoS

A flaw was found in the Linux kernel. The Intel OPA Gen1 driver mishandles resource cleanup. An attacker able to induce low memory condition on the system could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...