769 matches found
USN-5092-3 linux-azure, linux-azure-5.11 regression
USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We...
Netfilter x_tables Heap OOB Write Privilege Escalation
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user name space. Kernels up to 5.11 including are vulnerable. More information about vulnerable...
GHSA-V82P-HV3V-P6QP Incomplete validation in MKL requantization
Impact Due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays: python import tensorflow as tf tf.rawops.RequantizationRangePerChannel...
microcode_ctl security, bug fix and enhancement update
4:20210216-1.20210608.0.1 - add support for UEK6 kernels - enable early update for 06-4f-01 - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 - enable early and late load on RHCK 4:20210216-1.20210608.1 - Update Intel CPU microcode to microcode-20210608 release: - Fixes in...
AZL-6566 CVE-2021-34556 affecting package kernel for versions less than 5.10.78.1-1
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack...
Advisory ROSA-SA-2021-1859
Software: kernel 3.10.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-10751 CVE-Crit: MEDIUM CVE-DESC: A bug was discovered in the implementation of the SELinux LSM trap in Linux kernels prior to version 5.7, where it was incorrectly assumed that skb would only contain a single netlink message. The trap...
Design/Logic Flaw
x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...
CVE-2021-3491
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...
Out-of-bounds
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3491 Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...
CVE-2021-3490 Linux kernel eBPF bitwise ops ALU32 bounds tracking
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2020-10774
A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...
glibc security, bug fix, and enhancement update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
CVE-2020-24588
A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type. Mitigation...
UBUNTU-CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
UBUNTU-CVE-2021-3489
The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee "bp...
Updated nvidia-current packages fix security vulnerabilities
Updated nvidia-current packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko where improper access control may lead to denial of service, information disclosure, or data corruption CVE-2021-1076. NVIDIA GPU Display...
Updated nvidia390 packages fix security vulnerabilities
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko where improper access control may lead to denial of service, information disclosure, or data corruption CVE-2021-1076. It also fixes a bug where...
MGASA-2021-0202 Updated nvidia390 packages fix security vulnerabilities
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko where improper access control may lead to denial of service, information disclosure, or data corruption CVE-2021-1076. It also fixes a bug where...
MGASA-2021-0203 Updated nvidia-current packages fix security vulnerabilities
Updated nvidia-current packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko where improper access control may lead to denial of service, information disclosure, or data corruption CVE-2021-1076. NVIDIA GPU Display...