Lucene search
717 matches found

BDU FSTEC
added 2021/07/13 12:0 a.m., 5 views

The vulnerability of the relay_open function in the kernel/relay.c file of the Linux operating system, related to pointer arithmetic errors, allows attackers to cause a service failure.

The vulnerability of the relay_open function in the kernel/relay.c file of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5, AI score 6.5, EPSS 0.0046
Exploits 0, References 39, Affected Software 3
OSV
added 2021/06/30 7:49 a.m., 8 views

SUSE-SU-2021:2208-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in...

CVSS 8.8, AI score 8, EPSS 0.07604
Exploits 6, References 67
Tenable Nessus
added 2021/06/28 12:0 a.m., 64 views

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:0873-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0873-1 advisory. - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on point...

CVSS 5.5, AI score 6.6, EPSS 0.01071
Exploits 0, References 64
BDU FSTEC
added 2021/06/23 12:0 a.m., 4 views

The vulnerability of the PHP SOAP extension allows an attacker to trigger an emergency shutdown of the application.

The vulnerability of the PHP SOAP extension interpreter is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the application to terminate abnormally...

CVSS 7.8, AI score 6.7, EPSS 0.03437
Exploits 3, References 14, Affected Software 5
BDU FSTEC
added 2021/06/23 12:0 a.m., 3 views

The vulnerability of Xen hypervisors, related to pointer swapping errors, allows a perpetrator to cause a service failure.

The vulnerability of Xen hypervisors is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 6.2, AI score 7.1, EPSS 0.00379
Exploits 0, References 7, Affected Software 4
OSV
added 2021/06/18 9:40 a.m., 5 views

SUSE-SU-2021:2027-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2464 fixes several issues. The following issues were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory bsc1186484. -...

CVSS 7.8, AI score 7.9, EPSS 0.00826
Exploits 1, References 8
OSV
added 2021/06/15 11:4 a.m., 5 views

SUSE-SU-2021:1975-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes ...

CVSS 9.8, AI score 9.1, EPSS 0.27477
Exploits 21, References 355
Tenable Nessus
added 2021/06/15 12:0 a.m., 66 views

Scientific Linux Security Update : kernel on SL7.x x86_64 (2021:2314)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2021:2314-1 advisory. - kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) - kernel: Use after free via PI futex state (CVE-2021-3347) - kernel:...

CVSS 7.8, AI score 7.1, EPSS 0.01377
Exploits 2, References 7
CentOS
added 2021/06/14 6:52 p.m., 190 views

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2021:2314. An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 7.8, AI score 6.9, EPSS 0.01377
Exploits 2, References 7
Tenable Nessus
added 2021/06/10 12:0 a.m., 69 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1899-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1899-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received...

CVSS 8.8, AI score 7.8, EPSS 0.07604
Exploits 6, References 69
OpenVAS
added 2021/06/09 12:0 a.m., 18 views

SUSE: Security Advisory (SUSE-SU-2017:1389-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.5, EPSS 0.95707
Exploits 7, References 2
Tenable Nessus
added 2021/06/09 12:0 a.m., 53 views

RHEL 7 : kernel-rt (RHSA-2021:2316)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2316 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVSS 7.8, AI score 7.3, EPSS 0.01377
Exploits 2, References 15
Tenable Nessus
added 2021/06/09 12:0 a.m., 348 views

RHEL 7 : kernel (RHSA-2021:2314)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2314 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer overflow in Intel(R)...

CVSS 7.8, AI score 7.1, EPSS 0.01377
Exploits 2, References 15
Tenable Nessus
added 2021/06/09 12:0 a.m., 49 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1891-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1891-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require th...

CVSS 8.8, AI score 7.8, EPSS 0.07604
Exploits 6, References 52
OpenVAS
added 2021/06/09 12:0 a.m., 30 views

SUSE: Security Advisory (SUSE-SU-2021:1574-1)

The remote host is missing an update for the...

CVSS 5.5, AI score 7, EPSS 0.01071
Exploits 0, References 2
RedHat Linux
added 2021/06/08 10:44 p.m., 3 views

kernel: Speculation on pointer arithmetic against bpf_context pointer

A flaw was found in the Linux kernel's eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can use the eBPF verifier to abuse a Spectre-like flaw where they can infer all...

CVSS 4.7, AI score 6.7, EPSS 0.00565
Exploits 0, References 4
Microsoft CVE
added 2021/06/03 7:0 a.m., 1 views

kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations (aka CID-bb01a1bba579). This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change which then results in an incorrect final aux->alu_limit.

...

CVSS 7.8, AI score 6.4, EPSS 0.00377
Exploits 0
Mageia
added 2021/05/31 8:31 p.m., 44 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.41 and fixes at least the following security issues: A double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash...

CVSS 7.8, AI score 7.2, EPSS 0.00481
Exploits 1, References 5
Mageia
added 2021/05/31 8:31 p.m., 63 views

Updated kernel-linus packages fix security vulnerability

This kernel-linus update is based on upstream 5.10.41 and fixes at least the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform out-of-bounds reads and writes in kernel memor...

CVSS 7.8, AI score 1.2, EPSS 0.00377
Exploits 0, References 5
OSV
added 2021/05/31 8:31 p.m., 5 views

MGASA-2021-0225 Updated kernel-linus packages fix security vulnerability

This kernel-linus update is based on upstream 5.10.41 and fixes at least the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform out-of-bounds reads and writes in kernel memor...

CVSS 7.8, AI score 7.7, EPSS 0.00377
Exploits 0, References 6