Linux Distros Unpatched Vulnerability : CVE-2020-15393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 4.4 through 5.7.6, usbtestdisconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. CVE-2020-15393 Note that Nessus...

UBUNTU-CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rdstcpkillsock in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0...

PT-2017-4328 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.4.0-96.119 and later Description: A flaw in the Linux kernel's memory deduplication mechanism, specifically in the Kernel Samepage Merging KSM component, can create a side channel. This allows an attacker to potentiall...

Linux 内核通过 BPF 系统调用提权漏洞

漏洞概要 4 月 27 日有安全研究人员在 bugs.chromium.org 站点提交了本地提权高 危漏洞。 Linux 内核版本大于等于 4.4 时,当内核编译了 CONFIGBPFSYSCALL 并 且 sysctl 中的 kernel.unprivilegedbpfdisabled 没有明确设置为 1 时,无特 权的代码可以使用 bpf 系统调用加载 eBPF socket 过滤程序,从而达到系统提 权的⺫的,而前面的两个条件在最新的 Linux 发行版 Ubuntu 16.04 桌面版和 服务器版本均满足,经过测试 Kali Rolling 发行版 内核 4.4.0...