4287 matches found
RHEL 8 : mariadb:10.3 (RHSA-2020:5663)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5663 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...
mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
DEBIAN-CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
Design/Logic Flaw
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
CVE-2020-27035
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Design/Logic Flaw
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
ALSA-2020:5500 Important: mariadb:10.3 security, bug fix, and enhancement update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb 10.3.27, galera 25.3.31. BZ1899082, BZ1899086 Security Fixes: mariadb: Insufficient SST method name check leading to cod...
CVE-2020-27035
CVE-2020-27035 : In Android’s media stack, specifically in priorLinearAllocation() of C2AllocatorIon.cpp, there is a possible use-after-free caused by improper locking. This can lead to local information disclosure in the media codec without additional execution privileges. Affected: Android-11. ...
CVE-2020-27035
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID aka CID-c8bcd9c5be24.
...
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat Product...
CVE-2020-29661
A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...
UBUNTU-CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...