GSD-2021-1001237 KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow

KVM: PPC: Book3S: Fix HRTAS rets buffer overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.54 by commit...

UVI-2021-1001199 iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails

iommu/arm-smmu: Fix armsmmudevice refcount leak when armsmmurpmget fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit...

GSD-2021-1001104 cfg80211: call cfg80211_leave_ocb when switching away from OCB

cfg80211: call cfg80211leaveocb when switching away from OCB This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.238 by commit...

UVI-2021-1001055 net: ipv4: fix memory leak in netlbl_cipsov4_add_std

net: ipv4: fix memory leak in netlblcipsov4addstd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...

GSD-2021-1001034 usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port

usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.11 by...

UVI-2021-1000818 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY

mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

GSD-2021-1000608 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers

iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commi...

GSD-2021-1000334 dmaengine: idxd: Fix potential null dereference on pointer status

dmaengine: idxd: Fix potential null dereference on pointer status This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.38 by commit...

GSD-2021-1000203 hfsplus: prevent corruption in shrinking truncate

hfsplus: prevent corruption in shrinking truncate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.5 by commit...

SUSE: Security Advisory (SUSE-SU-2019:2829-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : kernel (RHSA-2020:2664)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2664 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: vfio: access to disabled MMIO space of...

CVE-2018-11995

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image...

Heap overflow

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader...

CVE-2018-5823

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow...

Design/Logic Flaw

sound/core/seqdevice.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service sndrawmididevseqfree use-after-free and system crash or possibly have unspecified other impact via a crafted USB device...

[SECURITY] Fedora 22 Update: strongswan-5.3.2-1.fc22

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...

RedHat Security Advisory RHSA-2009:1522

The remote host is missing updates announced in advisory RHSA-2009:1522. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: multiple, missing initialization flaws were found in the Linux kernel. Padding data in...

USN-793-1: Linux kernel vulnerabilities

Igor Zhbanov discovered that NFS clients were able to create device nodes even when rootsquash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected...

RedHat Security Advisory RHSA-2009:0373

The remote host is missing updates announced in advisory RHSA-2009:0373. SystemTap is an instrumentation infrastructure for systems running version 2.6 of the Linux kernel. SystemTap scripts can collect system operations data, greatly simplifying information gathering. Collected data can then...

CVE-2007-1496

nfnetlinklog in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service crash via unspecified vectors involving the 1 nfulnlrecvconfig function, 2 using "multiple packets per netlink message", and 3 bridged packets, which trigger a NULL pointer dereference...