kernel security update

5.14.0-570.41.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Linux Distros Unpatched Vulnerability : CVE-2018-18440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled. CVE-2018-18440 No...

CVE-2024-21482 Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Boot Loader

Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image...

grub2 security update

2.02-156.0.1 - Restore correct SBAT entries - Replaced bugzilla.oracle.com references Orabug: 35475894 - efinet: Close and reopen card on failure Orabug: 35126950 - Fix CVE-2022-3775 Orabug: 34867710 - Bump SBAT metadata for grub to 3 Orabug: 34871758 - Enable signing on aarch64 - Don't try to...

[SECURITY] Fedora 38 Update: rust-linux-loader-0.11.0-1.fc38

A Linux kernel image loading crate...

Fedora: Security Advisory for rust-linux-loader (FEDORA-2024-f2305d485f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Double Free in Linux Linux_Kernel

This is a repository containing a proof-of-concept PoC exploit for a vulnerability in a Linux kernel module. The PoC is for CVE-2021-22600, a vulnerability in the Linux kernel's packet socket implementation that allows an attacker to bypass certain security restrictions. The exploit is implemente...

SUSE CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

SUSE CVE-2018-18439

DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image...

CVE-2022-23523 rust-vmm linux-loader vulnerable to Out-of-bounds Read

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...

[SECURITY] Fedora 37 Update: android-tools-33.0.3p1-1.fc37

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

Security fix for the ALT Linux 10 package kernel-image-std-def version 2:5.10.121-alt1

2:5.10.121-alt1 built June 15, 2022 Vitaly Chikunov in task 301677 --- June 10, 2022 Vitaly Chikunov - v5.10.121 2022-06-09. - altha: Restrict setcap binaries in nosuid mode. - v5.10.120 2022-06-06. Fixes: CVE-2022-1852, CVE-2022-1972, CVE-2022-1966. - kernel.perfeventparanoid=4 by default. -...

SUSE-SU-2022:2073-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...

Security fix for the ALT Linux 10 package kernel-image-std-def version 2:5.10.118-alt1

2:5.10.118-alt1 built May 30, 2022 kernelbot in task 300613 --- May 25, 2022 Kernel Bot - v5.10.118 2022-05-25. Fixes: CVE-2022-1729, CVE-2022-0854...

Security fix for the ALT Linux 10 package kernel-image-std-def version 2:5.10.110-alt1

2:5.10.110-alt1 built April 12, 2022 kernelbot in task 298105 --- April 8, 2022 Kernel Bot - v5.10.110 Fixes: CVE-2021-4034...

SysWhispers3 - AV/EDR Evasion Via Direct System Calls

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Why on earth didn't I create a PR to SysWhispers2? The reason for SysWhispers3 to be a standalone version are many, but the most important are: SysWhispers3 is the de-facto "fork" used by...

QEMU: loader: OOB access while loading registered ROM may lead to code execution

An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the romcopy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations, potentially...

SysWhispers2 - AV/EDR Evasion Via Direct System Calls

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported and example generated files available in the example-output/ folder. Difference BetweenSysWhispers 1 and 2 The usage is almost identical to SysWhispers1 but...

Microsoft Windows Kernel Image Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows kernel image. The...

KB4580346: Windows 10 Version 1607 and Windows Server 2016 October 2020 Security Update

The remote Windows host is missing security update 4580346. It is, therefore, affected by multiple vulnerabilities : - A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and...