12 matches found
PT-2024-11813 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/mlx5e module, related to IPoIB and Block PKEY interfaces with less rx queues than the parent. The issue...
NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2022-0089)
The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0026)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with ze...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0104)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID...
SUSE: Security Advisory (SUSE-SU-2021:0354-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c
A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c. The highest threat from thi...
Oracle Linux 8 : kernel (ELSA-2021-0003)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0003 advisory. - net netfilter: ctnetlink: add a range check for l3/l4 protonum Florian Westphal 1892665 1892666 CVE-2020-25211 Tenable has extracted the preceding description...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service. Local attackers are able to inject conntrack netlink configuration to overflow a local buffer and cause a crash in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c...
Amazon Linux AMI : kernel (ALAS-2020-1446)
The version of kernel installed on the remote host is prior to 4.14.203-116.332. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1446 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to...
Design/Logic Flaw
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...
CVE-2020-25211
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...
CVE-2020-25211
CVE-2020-25211 describes a local vulnerability in the Linux kernel’s netfilter conntrack netlink path. A bounds check is missing in ctnetlink_parse_tuple_filter (net/netfilter/nf_conntrack_netlink.c), permitting a local attacker injecting conntrack netlink configuration to overflow a local buffer...