PT-2022-33960 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.142 Description: A data-race issue exists at module auto-loading in the ALSA seq component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

GSD-2022-1005387 ALSA: seq: oss: Fix data-race for max_midi_devs access

ALSA: seq: oss: Fix data-race for maxmididevs access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.66 by commit...

GSD-2022-1005386 ALSA: seq: Fix data-race at module auto-loading

ALSA: seq: Fix data-race at module auto-loading This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.66 by commit...

GSD-2022-1004955 ALSA: seq: oss: Fix data-race for max_midi_devs access

ALSA: seq: oss: Fix data-race for maxmididevs access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

GSD-2022-1004954 ALSA: seq: Fix data-race at module auto-loading

ALSA: seq: Fix data-race at module auto-loading This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

PT-2022-33645 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.66 Description: The issue is related to a data-race condition for max midi devs access in the ALSA seq: oss component. The actual impact and attack plausibility have not yet been proven. Recommendations: F...

PT-2022-33644 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.66 Description: A data-race issue exists at module auto-loading in the ALSA seq component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuffer in the file...

Important: kernel

Issue Overview: An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information. The issue results from no...

Code injection

Datalust Seq.App.EmailPlus aka seq-app-htmlemail 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended...

CVE-2021-43270

CVE-2021-43270 affects Datalust Seq.App.EmailPlus (seq-app-htmlemail) versions 3.1.0-dev-00148, 00170, 00176. The issue is use of cleartext SMTP on port 25 in scenarios where encryption on port 465 was intended, enabling potential information disclosure. Root cause: misconfiguration/implementatio...

Datalust Seq 安全漏洞

Datalust Seq is a logging server from Datalust Australia. It is used to speed up diagnostics in complex, asynchronous and distributed applications. A security vulnerability exists in Datalust Seq.App.HtmlEmail, which stems from the fact that in some cases the program uses plaintext on port 25 and...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2569)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4...

CVE-2021-41329

Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...

CVE-2021-41329

Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...

Code injection

Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...

CVE-2021-41329

Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...

CVE-2021-41329

CVE-2021-41329 affects Datalust Seq prior to 2021.2.6259. The issue is an information exposure caused by an internal cache key collision: when a user has a view filter with an array/IN clause and another user runs an identical query with different array elements, the results may be visible to the...

Datalust Seq 安全漏洞

Datalust Seq is a logging server from Datalust Australia. It is used to speed up diagnostics in complex, asynchronous and distributed applications. A security vulnerability exists in Datalust Seq versions prior to 2021.2.6259, which stems from software that allows a user who applies a view filter...

Fix of CVE: CVE-2021-33909

ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...