2302 matches found
CVE-2021-4090
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...
SUSE SLES15 Security Update : the Linux RT Kernel (SUSE-SU-2021:3979-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3979-1 advisory. - In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...
SUSE-SU-2021:3978-1 Security update for the Linux RT Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573). You can reenable via...
CVE-2021-25518
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...
Design/Logic Flaw
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...
CVE-2021-25518
CVE-2021-25518 affects Samsung LDFW and BL31. The issue is an improper boundary check in the secure_log before SMR Dec-2021 Release 1, enabling arbitrary memory write and code execution. Reported impact includes local access with partial confidentiality/integrity/availability implications as per ...
PT-2021-16708 · Bl31 +1
Name of the Vulnerable Software and Affected Versions: LDFW and BL31 versions prior to SMR Dec-2021 Release 1 Description: The issue is related to an improper boundary check in the secure log of LDFW and BL31, which allows for arbitrary memory write and code execution. Recommendations: For versio...
Samsung Ldfw Buffer Error Vulnerability
Samsung Ldfw is a loadable firmware from Samsung South Korea. A security vulnerability exists in Samsung LDFW and BL31 that stems from incorrect boundary checking of the LDFW and BL31 security logs, allowing an attacker to arbitrarily write to memory and execute code...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3941-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3941-1 advisory. - In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3933-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3933-1 advisory. - In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation...
SUSE: Security Advisory (SUSE-SU-2021:3941-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
OPENSUSE-SU-2021:3941-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573). You can reenable via...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3877-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3877-1 advisory. - In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to loca...
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3848-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3848-1 advisory. - In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3876-1 Rating: important References: 1100416 1108488 1129735 1129898 1133374 1136513 1171420 1176724 1177666 1181158 1184673 1184804 1185377 1185726 1185758 1185973 1186078 1186109 1186390 1186482...
SUSE-SU-2021:3848-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573). You can reenable...
OPENSUSE-SU-2021:3806-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573). You can...
MGASA-2021-0522 Updated freerdp packages fix security vulnerability
All FreeRDP clients prior to version 2.4.1 using gateway connections '/gt:rpc' fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use /gt:http rather than /gt:rdp...