Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2023/01/09 12:0 a.m.15 views

PT-2024-11813 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/mlx5e module, related to IPoIB and Block PKEY interfaces with less rx queues than the parent. The issue...

8.8CVSS6.8AI score0.03763EPSS
Exploits31References1967
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.36 views

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2022-0089)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in...

8.7CVSS7.4AI score0.89063EPSS
Exploits146References43
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.34 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0026)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with ze...

7.8CVSS7.5AI score0.10114EPSS
Exploits11References35
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.47 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0104)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID...

7.8CVSS7.2AI score0.06692EPSS
Exploits5References17
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2021:0354-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01377EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2021/03/09 9:38 a.m.8 views

kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c

A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c. The highest threat from thi...

6CVSS6.9AI score0.00566EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.51 views

Oracle Linux 8 : kernel (ELSA-2021-0003)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0003 advisory. - net netfilter: ctnetlink: add a range check for l3/l4 protonum Florian Westphal 1892665 1892666 CVE-2020-25211 Tenable has extracted the preceding description...

6CVSS6.7AI score0.00566EPSS
Exploits1References2
Veracode
Veracode
added 2020/12/06 2:23 a.m.39 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service. Local attackers are able to inject conntrack netlink configuration to overflow a local buffer and cause a crash in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c...

6CVSS4.7AI score0.00566EPSS
Exploits1References12Affected Software5
Tenable Nessus
Tenable Nessus
added 2020/11/18 12:0 a.m.144 views

Amazon Linux AMI : kernel (ALAS-2020-1446)

The version of kernel installed on the remote host is prior to 4.14.203-116.332. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1446 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to...

8.8CVSS7.6AI score0.07693EPSS
Exploits10References13
Prion
Prion
added 2020/09/09 4:15 p.m.39 views

Design/Logic Flaw

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

3.6CVSS5.8AI score0.00566EPSS
Exploits1References9Affected Software3
Cvelist
Cvelist
added 2020/09/09 3:51 p.m.34 views

CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

6.8AI score0.00566EPSS
Exploits1References9
CVE
CVE
added 2020/09/09 3:51 p.m.373 views

CVE-2020-25211

CVE-2020-25211 describes a local vulnerability in the Linux kernel’s netfilter conntrack netlink path. A bounds check is missing in ctnetlink_parse_tuple_filter (net/netfilter/nf_conntrack_netlink.c), permitting a local attacker injecting conntrack netlink configuration to overflow a local buffer...

6CVSS6.5AI score0.00566EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder