11 matches found
Bosch Infotainment ECU 安全漏洞
The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. The Bosch Infotainment ECU has a security vulnerability, which stems from the lack of kernel module signature verification. This vulnerability could allow attackers to load custom kernel modules an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002801 advisory. It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003088 advisory. It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or...
SUSE-SU-2021:2599-2 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/xtables.c that could allow local provilege escalation. bsc1188116 - CVE-2021-3609: Fixed a...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:2408-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2408-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
SUSE: Security Advisory (SUSE-SU-2021:2408-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-9604
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or '.builtintrustedkeys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public...
CVE-2016-9604
CVE-2016-9604 affects the Linux kernel prior to 4.11-rc8. A local attacker who can join the kernel session keyring can access internal keyrings (e.g., .dns_resolver, .builtin_trusted_keys) and bypass module signature verification by adding a self-generated public key to the keyring, enabling loca...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1159)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a...
CVE-2016-9604
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or '.builtintrustedkeys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public...
Design/Logic Flaw
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files...