VulnCheck KEV: CVE-2021-25370

Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2904-1)

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1)

The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2905-1)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2879-1)

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3230-1)

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-25212: Fixed getxattr kernel panic and memory overflow bsc1176381. CVE-2020-25643: Added range checks in pppcpparsecr bsc1177206. CVE-2020-25641:...

FreeBSD : FreeBSD -- ICMPv6 use-after-free in error message handling (8eed0c5c-3482-11eb-b87a-901b0ef719ab)

When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing option caches a point...

FreeBSD-SA-20:31.icmp6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:31.icmp6 Security Advisory The FreeBSD Project Topic: ICMPv6 use-after-free in error message handling Category: core Module: icmp6 Announced: 2020-12-01...

FreeBSD -- ICMPv6 use-after-free in error message handling

Problem Description: When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2020-27014

Trend Micro Antivirus for Mac 2020 Consumer contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the...

CVE-2020-27014

Trend Micro Antivirus for Mac 2020 Consumer contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the...

Race condition

Trend Micro Antivirus for Mac 2020 Consumer contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the...

CVE-2020-27014

Trend Micro Antivirus for Mac 2020 Consumer contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the...

kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic

A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality...

kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic

A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality...

PT-2021-12654 · Freebsd +1 · Freebsd +2

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 11.3-RELEASE through 11.3-RELEASE before p13 FreeBSD versions 11.4-RELEASE through 11.4-RELEASE before p3 FreeBSD versions 12.1-RELEASE through 12.1-RELEASE before p9 FreeBSD versions 11.4-STABLE through 11.4-STABLE before...

FreeBSD -- SCTP socket use-after-free bug

Problem Description: Due to improper handling in the kernel, a use-after-free bug can be triggered by sending large user messages from multiple threads on the same socket. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug

Problem Description: Due to improper mbuf handling in the kernel, a use-after-free bug might be triggered by sending IPv6 Hop-by-Hop options over the loopback interface. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

CVE-2018-1985

IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207...