75 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...
CLSA-2024-1733483766 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drmdevice - drm: Set finalkfree in drmdevalloc - drm/plane: add drmmuniversalplanealloc - drm: Handle dev-unique with drmm - drm: Use drmm for drmdevinit cleanup - drm:...
kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a fixed MTRRs existence checking vulnerability in the x86/mtrr component...
DEBIAN-CVE-2022-48845
In the Linux kernel, the following vulnerability has been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following: 0.025698 CPU1 revision is: 0001a120 MIPS...
CVE-2023-50434
CVE-2023-50434 affects emdns: emdns_resolve_raw in emdns.c may call strlen on non-terminated input, causing a stack-based buffer over-read. Exploitation is possible over the network via DNS requests to the emdns server; impact varies by libraries, compiler, and architecture. Code before be565c3 i...
CVE-2023-50434
emdnsresolveraw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be '\0' terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can send DNS requests to the emdns server. The impact could vary depending on the system...
CVE-2023-50434
emdnsresolveraw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be '\0' terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can send DNS requests to the emdns server. The impact could vary depending on the system...
CVE-2024-26841
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpusiblingmap when disabling nonboot CPUs Update cpusiblingmap when disabling nonboot CPUs by defining & calling clearcpusiblingmap, otherwise we get such errors on SMT systems: jump label: negative count!...
CLSA-2023-1693333574 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: clsu32: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsfw: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsroute: No longer copy tcfresult on update to avoid use- after-free...
sudo -- Potential out-of-bounds write for small passwords
CVE.org reports: Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to sudo by entering a password of seven...
CVE-2022-43995
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
Heap overflow
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
CVE-2022-43995
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
CVE-2022-43995
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
openssl: AES OCB fails to encrypt some bytes
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...
ALPINE-CVE-2021-28709
issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...
CVE-2020-26970
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird...
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...
Sodin ransomware exploits Windows vulnerability and processor architecture
When Sodin also known as Sodinokibi and REvil appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. In a detailed analysis, we discovered that it also exploits the...