EUVD-2021-18704

Malware in sbrugna...

EUVD-2018-8736

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-31829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks...

Information Disclosure

kernel is vulnerable to information disclosure. The vulnerability exists due to undesirable speculative loads, leading to disclosure of stack content via side-channel attacks...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4983-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4983-1 advisory. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could...

Information disclosure

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can...

CVE-2021-31829

CVE-2021-31829 affects the Linux kernel’s eBPF verifier (kernel/bpf/verifier.c) and describes speculative-load handling that could leak kernel memory via side-channels. The Initial document notes the flaw up to kernel 5.12.1 and references remediation through patched kernels; Connected documents ...

CVE-2021-31829

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can...

MGASA-2020-0134 Updated libgd packages fix security vulnerability

The updated packages fix a security vulnerability: When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1303)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4541)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4541 advisory. - proc: restrict kernel stack dumps to root Jann Horn Orabug: 29114876 CVE-2018-17972 - alarmtimer: Prevent overflow for relative nanosleep Thomas...

CVE-2013-4368

CVE-2013-4368 affects Xen hypervisor outs instruction emulation (Xen 3.1.x, 4.2.x, 4.3.x and earlier) where FS: or GS: segment override uses an uninitialized segment base. This allows local 64-bit PV guests to read sensitive information (hypervisor stack content) via vectors related to stale data...

MS Windows Color Management Module Overflow Exploit (MS05-036)

No description provided by source. / Author: snooq http://www.redpuffer.net/snooq/web/ Date: 21 July 2005 When I looked at the PoC posted on bugtraq.... I was basically quite disappointed. The 'PoC' fixed 'tag count' to a large number.. but this code path does not seem to be exploitable...