SUSE-SU-2021:4119-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. bsc1190487 - CVE-2021-4011: The handlers for the...

VulnCheck KEV: CVE-2017-15303

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

CVE-2021-4090

An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...

PT-2021-8069 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an out-of-bounds memory write flaw in the NFSD of the Linux kernel, specifically in the nfsd4 decode bitmap4 function. This flaw may allow a local attacker with...

SUSE SLES12 Security Update : the Linux RT Kernel (SUSE-SU-2021:3992-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3992-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...

CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018...

CVE-2021-4090

An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...

SUSE SLES15 Security Update : the Linux RT Kernel (SUSE-SU-2021:3979-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3979-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...

SUSE-SU-2021:3978-1 Security update for the Linux RT Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past jscSLE-22573 You can reenable via...

CVE-2021-25518

An improper boundary check in securelog of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25518

An improper boundary check in securelog of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...

Design/Logic Flaw

An improper boundary check in securelog of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25518

CVE-2021-25518 affects Samsung LDFW and BL31. The issue is an improper boundary check in the secure_log before SMR Dec-2021 Release 1, enabling arbitrary memory write and code execution. Reported impact includes local access with partial confidentiality/integrity/availability implications as per ...

CVE-2021-25518

An improper boundary check in securelog of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...

PT-2021-16708 · Bl31 +1 · Bl31 +1

Name of the Vulnerable Software and Affected Versions: LDFW and BL31 versions prior to SMR Dec-2021 Release 1 Description: The issue is related to an improper boundary check in the secure log of LDFW and BL31, which allows for arbitrary memory write and code execution. Recommendations: For versio...

Samsung Ldfw 缓冲区错误漏洞

Samsung Ldfw is a loadable firmware from Samsung South Korea. A security vulnerability exists in Samsung LDFW and BL31 that stems from incorrect boundary checking of the LDFW and BL31 security logs, allowing an attacker to arbitrarily write to memory and execute code...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3933-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3933-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3941-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3941-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation...

SUSE: Security Advisory (SUSE-SU-2021:3941-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:3941-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past jscSLE-22573 You can reenable via...