CVE-2020-9804

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. Inserting a USB device that sends invalid messages may cause a kernel panic...

Huawei Data Communication: Integer Overflow Vulnerability in the Linux Kernel (SACK Panic) (huawei-sa-20191204-01-kernel)

Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments SACKs. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

RHEL 7 : kernel (RHSA-2020:2289)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2289 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: double free may be caused by t...

RHEL 7 : kernel (RHSA-2020:2277)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2277 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: double free may be caused by t...

Exploit for Improper Verification of Cryptographic Signature in Golang Package_Ssh

Exploit for CVE-2020-9283 This project is inspired by the o...

In Flight Entertainment System Security

Contrary to alarmist stories in the press, it really isn’t practically possible to hack an airplane from the in-flight entertainment system IFE/IFEC. The ‘C’ adds Connectivity, so internet access Whilst earlier moving map systems did take a feed from the flight management system, particularly so...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

About the security content of macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra

About the security content of macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra This document describes the security content of macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. About Apple security updates F...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1592)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1592)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of GRO. This flaw allows an attacker with local access to crash the system.CVE-2020-10720 ...

thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20200512)

Security Fixes : - Kernel: NetLabel: NULL pointer dereference while receiving CIPSO packet with null category may cause kernel panic CVE-2020-10711 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include"compat.inc"; if description scriptid136603; scriptversion"1.4";...

CVE-2019-15880

In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic...

CVE-2019-15880

In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic...

Buffer overflow

In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic...

CVE-2019-15880

In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic...

CVE-2019-15880

The CVE-2019-15880 issue affects the FreeBSD cryptodev module in 12.1-STABLE before r356911 and 12.1-RELEASE before p5. The bug arises from insufficient validation of the user-supplied MAC key length, causing the module to allocate a kernel buffer based on that length. This can allow an unprivile...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A null pointer dereference while receiving CIPSO packet with null category may cause kernel panic...

FreeBSD : FreeBSD -- Insufficient cryptodev MAC key length check (0bfcae0b-947f-11ea-92ab-00163e433440)

Requests to create cryptography sessions using a MAC did not validate the user-supplied MAC key length. The cryptodev module allocates a buffer whose size is this user-suppled length. Impact : An unprivileged process can trigger a kernel panic. C Tenable Network Security, Inc. The descriptive tex...