7 matches found
SUSE CVE-2020-26560
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-26385)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-26385 advisory. - A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain acces...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5515-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5515-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in...
The vulnerability of the pfkey_register function in the Linux operating system’s kernel allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the pfkeyregister function in the Linux kernel’s net/key/afkey.c file is related to the exposure of sensitive information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service failures...
AZL-9646 CVE-2022-1353 affecting package kernel for versions less than 5.15.37.1-2
A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information...
CVE-2013-2237
CVE-2013-2237 affects the Linux kernel prior to 3.9. The vulnerability arises because key_notify_policy_flush in net/key/af_key.c does not initialize a certain structure member, enabling local attackers to read kernel heap memory via a broadcast message on the IPSec key_socket notify_policy inter...
CVE-2013-2234
CVE-2013-2234: In the Linux kernel (net/key/af_key.c), the functions key_notify_sa_flush and key_notify_policy_flush do not initialize certain structure members in versions before 3.10, allowing local users to read sensitive information from kernel heap memory via a broadcast message on the IPSec...