EUVD-2023-59129

Malicious code in bioql PyPI...

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Write (CVE-2023-5717)

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2024-1381)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper access control in the IntelR Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticate...

kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size

A flaw was found in the Linux kernel's Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This may lead to a system crash, code execution, or local privilege escalation...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1086)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper access control in the IntelR Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6548-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-4 advisory. It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive...

Important: kernel-livepatch-6.1.52-71.125

Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6548-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-3 advisory. It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4734-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4734-1 advisory. - A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. Th...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-5717

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...