Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9305)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9305 advisory. - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860493 CVE-2021-31916 - powerpc/64s: flush L1D after user accesses...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9306)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9306 advisory. - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 CVE-2021-23133 - dm ioctl: fix out of bounds...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9308)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9308 advisory. - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860493 CVE-2021-31916 - powerpc/64s: flush L1D after user accesses...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9307)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9307 advisory. - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 - dm ioctl: fix out of bounds array access when...

postgresql: Buffer overrun from integer overflow in array subscripting calculations

A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...

postgresql: Buffer overrun from integer overflow in array subscripting calculations

A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...

CVE-2021-25411

Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory...

CVE-2021-25396

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25408

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write...

CVE-2021-25408

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25396

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write...

Input validation

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution...

Out-of-bounds

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write...

Buffer overflow

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25396

CVE-2021-25396 affects Samsung devices with NPU firmware prior to SMR MAY-2021 Release 1, where improper input validation enables arbitrary memory writes and code execution. Root cause is input validation weakness in the NPU firmware. Impact per CVSS indicates local access, high confidentiality/i...

CVE-2021-25396

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write...

CVE-2021-25408

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution...