Code injection

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

CVE-2020-10854

CVE-2020-10854 concerns information disclosure on Samsung mobile devices running O(8.x), P(9.0), or Q(10.0) software, where kernel stack addresses are leaked to userspace. The issue affects the kernel exposure path and is classified with a high impact in CVSS 3.1 (base score 7.5) and medium in CV...

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

AgentSmith-HIDS - Open Source Host-based Intrusion Detection System (HIDS)

Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System HIDS due to lack of rule engine and detection function. However, it can be used as a high performance 'Host Information Collect Agent' as part of your own HIDS solution. The comprehensiveness of information which can be...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1245)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-20172

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...

Code injection

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...

CVE-2019-20172

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...

PT-2019-16118 · Serenityos · Serenityos

Name of the Vulnerable Software and Affected Versions: SerenityOS versions prior to 2019-12-30 Description: The issue allows local users to gain privileges by overwriting a return address found on the kernel stack, due to the failure of Kernel/VM/MemoryManager.cpp to reject syscalls with pointers...

USN-4211-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. CVE-2018-20784 Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID...

USN-4210-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-16746 Nicolas Waisman discovered...

kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

A flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol HIDP. A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the dohidpsockioctl function in net/bluetooth/hidp/sock.c.c. This function can leak...

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

Linux kernel information disclosure vulnerability (CNVD-2019-38260)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An information disclosure vulnerability exists in Linux kernel versions prior to 4.17. An attacker can exploit this...

CVE-2019-16921

In the Linux kernel before 4.17, hnsroceallocucontext in drivers/infiniband/hw/hns/hnsrocemain.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813...

CVE-2019-16921

In the Linux kernel before 4.17, hnsroceallocucontext in drivers/infiniband/hw/hns/hnsrocemain.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813...

Information disclosure

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

CVE-2019-16714

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

Unspecified vulnerability in Linux kernel (CNVD-2019-38268)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/scsi/aacraid/commctrl.c file in versions of the Linux kernel prior to 4.13, which stems from the structure of...

Oracle Linux 6 : kernel (ELSA-2019-2473)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2473 advisory. - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1...