17 matches found
EUVD-2015-8044
Malware in sbrugna...
SUSE SLES15 Security Update : kernel (Live Patch 47 for SLE 15 SP2) (SUSE-SU-2024:4263-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4263-1 advisory. This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use...
SUSE-SU-2024:4250-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2021-47600: dm btree remove: fix us...
SUSE-SU-2024:4235-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2024-35905: Fixed int overflow for...
SUSE-SU-2024:3706-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE-SU-2024:3695-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE-SU-2024:3690-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059133 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. -...
SUSE-SU-2024:3687-1 Security update for the Linux Kernel (Live Patch 48 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122176 fixes several issues. The following security issues were fixed: - CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325...
SUSE-SU-2024:3652-1 Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059158 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. -...
SUSE-SU-2024:3643-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002492 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE CVE-2024-36964
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set among others the suid bit. This was presumably not the intent since the unix extende...
New Mockingjay Process Injection Technique Could Let Malware Evade Detection
A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. "The injection is executed without space allocation, setting permissions or even starting a thread," Security Joes researchers...
Hardcoded credentials
The SysPlant.sys driver in the Application and Device Control ADC component in the client in Symantec Endpoint Protection SEP 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."...
CVE-2015-8154
Symantec Endpoint Protection Client
CVE-2015-8579
Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute RWX permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors...
CVE-2015-8578
AVG Internet Security 2015 allocates memory with Read, Write, Execute RWX permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors...
CVE-2015-8578
AVG Internet Security 2015 allocates memory with Read, Write, Execute RWX permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors...