Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5120-1 advisory. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to...

DEBIAN-CVE-2021-41160

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0...

CVE-2021-41159

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections /gt:rpc fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue h...

CVE-2021-41159

A flaw was found in the FreeRDP client when it fails to validate input data when using gateway connections. This flaw could allow a malicious gateway to send a specially crafted input to a client leading to an out of bounds write in client memory. The highest threat from this flaw is that it coul...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5106-1 advisory. Valentina Palmiotti discovered that the iouring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this t...

CVE-2021-25479

A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25478

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25478

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25475

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

Heap overflow

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

Stack overflow

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25479

CVE-2021-25479 affects the Exynos CP Chipset. The issue is a heap-based buffer overflow in the chipset before SMR Oct-2021 Release 1, leading to arbitrary memory writes and potential code execution. The primary documented impact is memory corruption with potential device compromise; exploitation ...

CVE-2021-25478

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25475

Summary of CVE-2021-25475 : The issue is a heap-based buffer overflow in the DSP kernel driver, before Samsung SMR Oct-2021 Release 1. This flaw can lead to arbitrary memory writes and code execution within the kernel context on affected Samsung devices. Affected component: DSP kernel driver. Roo...

Samsung SMR 缓冲区错误漏洞

Samsung LTE RRC is a protocol in Samsung mobile devices.The RRC word layer has a number of functions including broadcasting of Non-Access Layer NAS-related system information, broadcasting of Access Layer AS-related system information, paging, and establishing, maintaining, and releasing the RRC...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from a possible stack-based buffer overflow in the Exynos CP Chipset that allows...

CVE-2021-41864

An out-of-bounds OOB memory write flaw was found in preallocelemsandfreelist in kernel/bpf/stackmap.c in the bpf in the Linux kernel. In this flaw, the multiplication to calculate the size could lead to an integer overflow which could allow a local attacker, with a special user privilege, to gain...

Netop Vision 缓冲区错误漏洞

Netop Vision is an application from the Danish company Netop. It provides a classroom management software. A security vulnerability in the JPEG parsing code of Netop Vision Pro 9.7.2 and prior versions can be exploited by an attacker to write to arbitrary memory, which could result in a denial of...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5071-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5071-3 advisory. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations,...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5073-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5073-3 advisory. Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some...