Lucene search
K

30 matches found

CVE
CVE
added 2020/05/09 8:16 p.m.563 views

CVE-2020-12770

CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...

6.7CVSS6.7AI score0.00586EPSS
Exploits0References16Affected Software1
Debian CVE
Debian CVE
added 2020/05/09 8:16 p.m.49 views

CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sgwrite lacks an sgremoverequest call in a certain failure case, aka CID-83c6f2390040...

6.7CVSS6.6AI score0.00586EPSS
Exploits0
Veracode
Veracode
added 2019/05/02 6:36 a.m.24 views

Stack-based Buffer Overflow

Linux kernel is vulnerable to stack-based buffer overflow vulnerability. The vulnerability exists in the sgioctl function in drivers/scsi/sg.c in the Linux kernel. A local user could cause a a denial of service condition or possibly have unspecified other impacts via a large command size in an...

7.8CVSS7.9AI score0.00421EPSS
Exploits0References45Affected Software2
RedHat Linux
RedHat Linux
added 2017/08/01 2:22 p.m.14 views

kernel: scsi: Stack-based buffer overflow in sg_ioctl function

The sgioctl function in drivers/scsi/sg.c in the Linux kernel allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impacts via a large command size in an SGNEXTCMDLEN ioctl call, leading to out-of-bounds write access in the sgwrite functio...

7.8CVSS7.4AI score0.00414EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/05/17 12:0 a.m.69 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3567)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3567 advisory. - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 - KVM: x86: fix emulation of 'MOV SS, null...

10CVSS7.5AI score0.12791EPSS
Exploits40References13
Tenable Nessus
Tenable Nessus
added 2017/05/17 12:0 a.m.98 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3566)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3566 advisory. - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 - KVM: x86: fix emulation of 'MOV SS, null...

10CVSS6.7AI score0.12791EPSS
Exploits12References13
Tenable Nessus
Tenable Nessus
added 2017/05/17 12:0 a.m.79 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0105)

The remote OracleVM system is missing necessary patches to address critical security updates : - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 - fnic: Update fnic driver version to 1.6.0.24 John Sobecki Orabug: 24448585 - xen-netfront: Rework th...

10CVSS6.5AI score0.12791EPSS
Exploits12References20
Oracle linux
Oracle linux
added 2017/05/16 12:0 a.m.87 views

Unbreakable Enterprise kernel security update

2.6.39-400.295.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 2.6.39-400.295.1 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed Orabug: 25510857 - IB/CORE: sync the resouce access in fmrpool...

10CVSS8.4AI score0.12791EPSS
Exploits41
Tenable Nessus
Tenable Nessus
added 2017/04/03 12:0 a.m.110 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3535)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3535 advisory. - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 - net: ping: check...

8.6CVSS7.2AI score0.04178EPSS
Exploits16References15
Oracle linux
Oracle linux
added 2017/03/31 12:0 a.m.118 views

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.33 - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790387 CVE-2016-9644 4.1.12-61.1.32 - x86/mm: Expand the exception table logic to...

9.8CVSS7.5AI score0.04953EPSS
Exploits16
Rows per page
Query Builder