USN-8188-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7819-2 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; -...

EUVD-2006-1863

Malware in sbrugna...

Ubuntu Pro 24.04 LTS Realtime Kernel : Linux kernel (Real-time) vulnerabilities (USN-7767-1)

"The remote Ubuntu Pro 24.04 LTS Realtime Kernel host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7767-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

fs/smb: Fix inconsistent refcnt update

...

USN-7510-6 linux-aws-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7295-1 linux-xilinx-zynqmp vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Debian: Security Advisory (DSA-1069-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Kernel SMB Filesystem smb_receive Transaction2 - Ver2 (CVE-2004-0949)

Multiple vulnerabilities have been reported in the smbrecvtrans2 function call in the samba filesystem smbfs in Linux kernel 2.4 and 2.6. Successful exploitation of this vulnerability could allow a remote attacker to read arbitrary kernel information or raise a counter value to an arbitrary numbe...

CVE-2014-2388

The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via 1 a session over a Wi-Fi network or 2 a session over a...

CVE-2014-2388

CVE-2014-2388 is an authentication-by-pass vulnerability in BlackBerry OS 10.x prior to 10.2.1.1925 affecting the Storage and Access service (Samba-based file sharing) on Q5, Q10, Z10, and Z30. The root cause, as described in vendor advisories, is that the file-service does not enforce a password...

Debian: Security Advisory (DSA-1070-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1070-1 : kernel-source-2.4.19 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...

Debian DSA-1082-1 : kernel-source-2.4.17 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...

DSA-1069-1 kernel-source-2.4.18 - several

Bulletin has no description...

Directory traversal

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...

CVE-2006-1863

CVE-2006-1863 is a directory traversal vulnerability in CIFS on Linux 2.6.16 and earlier that allows a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. The issue is mitigated by applying a kernel update (e.g., as per ChangeLog-2.6.16.11). Mode: C (detail...

SMB filesystem read system call vulnerable to buffer overflow

Overview The SMB filesystem read system call contains buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition. Description "Server Message Block SMB is an application-level protocol that supports file, printer, and other resource sharing. The SMB filesystem...