29 matches found
Astra Linux - уязвимость в linux
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. Files drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack on TIOCGSID, also known as CID-c8bcd9c5be24...
EUVD-2020-22018
Malware in sbrugna...
RHEL 8 : kernel-rt (RHSA-2021:4140)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free...
kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free...
SUSE: Security Advisory (SUSE-SU-2021:0097-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9038)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9038 advisory. - netfilter: add and use nfhookslowlist Florian Westphal Orabug: 32372530 CVE-2021-20177 - target: fix XCOPY NAA identifier lookup David Disseldorp...
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1684)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mwifiexcmd80211adhocstart in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to...
EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-1604)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In doepollctl and eploopcheckproc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to loc...
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1)
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel bnc1181349...
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3348: Fixed a use-after-free in nbdaddsocket that could be triggered by local attackers with access to the nbd device via an I/O request at a certain point...
SUSE-SU-2021:0437-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel bnc1181349. -...
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0408-1)
This update for the Linux Kernel 4.4.180-94121 fixes several issues. The following security issues were fixed : CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver bsc1180562. CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have...
SUSE-SU-2021:0377-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19734 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver bsc1180562. - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could...
SUSE-SU-2021:0367-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-22 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locatio...
SUSE-SU-2021:0362-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-2424 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9039)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9039 advisory. - target: fix XCOPY NAA identifier lookup David Disseldorp Orabug: 32248040 CVE-2020-28374 - tty: Fix -session locking Jann Horn Orabug: 32266681...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9035)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9035 advisory. - target: fix XCOPY NAA identifier lookup David Disseldorp Orabug: 32248040 CVE-2020-28374 - tty: Fix -session locking Jann Horn Orabug: 32266681...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0005)
The remote OracleVM system is missing necessary patches to address security updates: - An issue was found in Linux kernel before 5.5.4. The mwifiexcmdappendvsietlv function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of...
Amazon Linux AMI : kernel (ALAS-2021-1477)
The version of kernel installed on the remote host is prior to 4.14.214-118.339. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1477 advisory. In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making ...