Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5926-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5926-1 advisory. Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some...

USN-5926-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

USN-5926-1: Linux kernel vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

Ubuntu: Security Advisory (USN-5915-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5914-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5914-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

USN-5915-1 linux-oem-6.1 vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5914-1 linux-oem-6.0 vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5913-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5913-1 linux-oem-5.14, linux-oem-5.17 vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

USN-5884-1 linux-aws vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

Ubuntu 16.04 ESM : Linux kernel (AWS) vulnerabilities (USN-5884-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5884-1 advisory. Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some...

SUSE CVE-2006-3626

Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PRSETDUMPABLE in a way that causes /proc/self/environ to become setuid root...

Amazon Linux 2 : kernel, --advisory ALAS2-2023-1932 (ALAS-2023-1932)

The version of kernel installed on the remote host is prior to 4.14.304-226.531. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1932 advisory. Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interfa...

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Linux Linux_Kernel

Bypassing Spectre-BTI User Space Mitigations on Linux Th...

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Linux Linux_Kernel

Bypassing Spectre-BTI User Space Mitigations on Linux Th...

UBUNTU-CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...

CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...

CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-013)

The version of kernel installed on the remote host is prior to 5.4.50-25.83. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-013 advisory. A logic bug flaw was found in the Linux kernel's implementation of SSBD. A bug in the logic handling allows a...

Important: kernel

Issue Overview: A logic bug flaw was found in the Linux kernel's implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced...