Lucene search
K

6 matches found

OSV
OSV
added 2024/12/24 7:15 p.m.1 views

DEBIAN-CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS6.2AI score0.002EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.7 views

SUSE CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS6.9AI score0.002EPSS
Exploits0References17
OSV
OSV
added 2022/07/31 1:45 p.m.7 views

GSD-2022-1004145 lockdown: Fix kexec lockdown bypass with ima policy

lockdown: Fix kexec lockdown bypass with ima policy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.15 by commit...

7.2AI score
Exploits0
Oracle linux
Oracle linux
added 2022/07/19 12:0 a.m.53 views

Unbreakable Enterprise kernel-container security update

5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...

2.8AI score0.002EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/07/19 12:0 a.m.104 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505...

2.8AI score0.002EPSS
Exploits0
OSV
OSV
added 2017/08/28 8:37 p.m.5 views

USN-3405-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-11176 Huang Weller discovered that the ext4 filesyste...

7.8CVSS7.2AI score0.03631EPSS
Exploits8References5
Rows per page
Query Builder