Linux kernel array index out-of-bounds vulnerability

Linux kernel is a computer operating system kernel written in C and assembly language, POSIX-compliant, and distributed under the GNU General Public License. detachcapictr function in drivers/isdn/capi/kcapi.c in versions of Linux kernel prior to 5.14.15 is vulnerable to array index out-of-bounds...

Vulnerability fixed in Juniper Junos OS

Juniper has fixed a vulnerability in Junos OS on the QFX5000 Series. The vulnerability results in potentially sensitive system information, including kernel versions, being leaked in communication between the routing engine and the packet forwarding engine. A malicious person with access to the...

CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

Network Time Protocol (NTP) Mode 6 Query Response Check (UDP)

Services which are supporting the Network Time Protocol NTP and respond to Mode 6 queries are prone to an information disclosure and might be misused for Distributed Denial of Service DDoS attacks. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenc...

DEBIAN-CVE-2021-21781

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a...

UBUNTU-CVE-2021-21781

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9419)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9419 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205367 CVE-2021-3656 CVE-2021-3656 Tenable has extracted the preceding...

AZL-6591 CVE-2021-38207 affecting package kernel for versions less than 5.10.78.1-1

drivers/net/ethernet/xilinx/lltemacmain.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service buffer overflow and lockup by sending heavy network traffic for about ten minutes...

OESA-2021-1293 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka...

AZL-6578 CVE-2021-37159 affecting package kernel for versions less than 5.15.2.1-1

hsofreenetdevice in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregisternetdev without checking for the NETREGREGISTERED state, leading to a use-after-free and a double free...

SAP NetWeaver AS ABAP 缓冲区错误漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides web services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which stems from a memory corruption vulnerability in the product. KRNL64N...

AZL-6570 CVE-2021-35039 affecting package kernel for versions less than 5.10.78.1-1

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIGMODULESIG, verification that a kernel module is signed, for loading via initmodule, does not occur for a module.sigenforce=1 command-line argument...

CVE-2021-3564

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...

UBUNTU-CVE-2021-3564

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...

CVE-2021-3573

A use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hciunregisterdev together with one of the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo,...

AZL-31148 CVE-2020-27815 affecting package kernel for versions less than 5.15.135.1-2

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well a...

AZL-6531 CVE-2021-23134 affecting package kernel for versions less than 5.10.78.1-1

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAPNETRAW capability...

AZL-6560 CVE-2021-32399 affecting package kernel for versions less than 5.10.78.1-1

net/bluetooth/hcirequest.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller...

AZL-6534 CVE-2021-27365 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

UBUNTU-CVE-2021-26934

An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation aka be-alloc mode of the drmxenfront drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry...