19 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003730 advisory. In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modifyldt and ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002253)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002253 advisory. The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000851)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000851 advisory. The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment...
EUVD-2014-8916
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-9090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS...
kernel: use-after-free in arch/x86/lib/insn-eval.c
A vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modifyldt and a BR exception for an MPX bounds violation...
kernel: use-after-free in arch/x86/lib/insn-eval.c
A vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modifyldt and a BR exception for an MPX bounds violation...
kernel: use-after-free in arch/x86/lib/insn-eval.c
A vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modifyldt and a BR exception for an MPX bounds violation...
CVE-2019-13233
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modifyldt and a BR exception for an MPX bounds violation...
Linux - Use-After-Free via race Between modify_ldt() and #BR Exception Exploit
/ When a BR exception is raised because of an MPX bounds violation, Linux parses the faulting instruction and computes the linear address of its memory operand. If the userspace instruction is in 32-bit code, this involves looking up the correct segment descriptor and adding the segment offset to...
Linux - Use-After-Free via race Between modify_ldt() and #BR Exception
/ When a BR exception is raised because of an MPX bounds violation, Linux parses the faulting instruction and computes the linear address of its memory operand. If the userspace instruction is in 32-bit code, this involves looking up the correct segment descriptor and adding the segment offset to...
Linux - Use-After-Free via race Between modify_ldt() and #BR Exception
Linux - Use-After-Free via race Between modifyldt and BR Exception / When a BR exception is raised because of an MPX bounds violation, Linux parses the faulting instruction and computes the linear address of its memory operand. If the userspace instruction is in 32-bit code, this involves looking...
Linux Kernel - espfix64 Nested NMIs Interrupting Privilege Escalation
Linux Kernel - espfix64 Nested NMIs Interrupting Privilege Escalation / +++++ CVE-2015-3290 +++++ High impact NMI bug on x8664 systems 3.13 and newer, embargoed. Also fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a The...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3107)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3107 advisory. - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224060 CVE-2014-5471 CVE-2014-5472 Tenable has extracted...
Amazon Linux AMI : kernel (ALAS-2014-455)
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk. CVE-2014-7841 The pivotroot...
DEBIAN-CVE-2014-9090
The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to cause a denial of service panic via a modifyldt system call, as demonstrated by sigreturn32 i...
CVE-2014-9090
The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to cause a denial of service panic via a modifyldt system call, as demonstrated by sigreturn32 i...
CVE-2014-9090
The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to cause a denial of service panic via a modifyldt system call, as demonstrated by sigreturn32 i...
CVE-2014-9090
The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to cause a denial of service panic via a modifyldt system call, as demonstrated by sigreturn32 i...