EUVD-2025-60984

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...

kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

SUSE CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

CVE-2021-33069

Improper resource shutdown or release in firmware for some IntelR SSD, IntelR SSD DC, IntelR OptaneTM SSD and IntelR OptaneTM SSD DC may allow a privileged user to potentially enable denial of service via local access...

Debian DLA-2843-1 : linux - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory. - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listene...

kernel: DoS in rb_per_cpu_empty()

A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3205-1 Rating: important References: 1040364 1127650 1135481 1152489 1160010 1168202 1171420 1174969 1175052 1175543 1177399 1180100 1180141 1180347 1181006 1181148 1181972 1184180 1185902 1186264...

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

...

AZL-6577 CVE-2021-3679 affecting package kernel for versions less than 5.10.78.1-1

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

CVE-2020-12372

Unchecked return value in some IntelR Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access...

CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

QEMU: cirrus: OOB access when updating VGA display

Quick Emulator aka QEMU, when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds access and QEMU process crash by leveraging incorrect region calculation when updating VGA display...

Race condition

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility DCCU, which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted...

CVE-2009-5152

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility DCCU, which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted...

CVE-2017-5669

The doshmat function in ipc/shm.c in the Linux kernel, through 4.9.12, does not restrict the address calculated by a certain rounding operation. This allows privileged local users to map page zero and, consequently, bypass a protection mechanism that exists for the mmap system call. This is...

UBUNTU-CVE-2015-7549

The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...