30 matches found
CVE-2020-12770
CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...
CVE-2020-12770
An issue was discovered in the Linux kernel through 5.6.11. sgwrite lacks an sgremoverequest call in a certain failure case, aka CID-83c6f2390040...
Stack-based Buffer Overflow
Linux kernel is vulnerable to stack-based buffer overflow vulnerability. The vulnerability exists in the sgioctl function in drivers/scsi/sg.c in the Linux kernel. A local user could cause a a denial of service condition or possibly have unspecified other impacts via a large command size in an...
kernel: scsi: Stack-based buffer overflow in sg_ioctl function
The sgioctl function in drivers/scsi/sg.c in the Linux kernel allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impacts via a large command size in an SGNEXTCMDLEN ioctl call, leading to out-of-bounds write access in the sgwrite functio...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3567)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3567 advisory. - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 - KVM: x86: fix emulation of 'MOV SS, null...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3566)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3566 advisory. - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 - KVM: x86: fix emulation of 'MOV SS, null...
OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0105)
The remote OracleVM system is missing necessary patches to address critical security updates : - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 - fnic: Update fnic driver version to 1.6.0.24 John Sobecki Orabug: 24448585 - xen-netfront: Rework th...
Unbreakable Enterprise kernel security update
2.6.39-400.295.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 2.6.39-400.295.1 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed Orabug: 25510857 - IB/CORE: sync the resouce access in fmrpool...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3535)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3535 advisory. - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 - net: ping: check...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.33 - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790387 CVE-2016-9644 4.1.12-61.1.32 - x86/mm: Expand the exception table logic to...