1574 matches found
GSD-2022-1005666 arm64: Do not forget syscall when starting a new thread.
arm64: Do not forget syscall when starting a new thread. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
PT-2022-34162 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.10.137 Description: The issue concerns a potential security vulnerability in the Linux Kernel related to starting a new thread on arm64 architecture, where a syscall is not properly handled. The actual impact...
PT-2022-34428 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: The issue is related to the arm64 architecture in the Linux Kernel, where a syscall is not properly handled when starting a new thread. The actual impact and attack plausibility of this...
GSD-2022-1005338 arm64: Do not forget syscall when starting a new thread.
arm64: Do not forget syscall when starting a new thread. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
RHEL 7 / 8 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
golang: syscall: faccessat checks wrong group
A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file's group, affecting system availability...
RHEL 9 : go-toolset and golang (RHSA-2022:5799)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5799 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go...
GSD-2022-1004738 powerpc: Enable execve syscall exit tracepoint
powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.202 by commit...
GSD-2022-1004621 powerpc: Enable execve syscall exit tracepoint
powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.127 by commit...
GSD-2022-1004454 powerpc: Enable execve syscall exit tracepoint
powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...
Moderate: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update
Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
GO-2022-0493 Incorrect privilege reporting in syscall and golang.org/x/sys/unix
When called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible...
CentOS 8 : go-toolset:rhel8 (CESA-2022:5337)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:5337 advisory. - golang: encoding/pem: fix stack overflow in Decode CVE-2022-24675 - golang: regexp: stack exhaustion via a deeply nested expression CVE-2022-24921 -...
SUSE-SU-2022:2341-1 Security update for containerd, docker and runc
This update for containerd, docker and runc fixes the following issues: containerd: - CVE-2022-31030: Fixed denial of service via invocation of the ExecSync API bsc1200145 docker: - Update to Docker 20.10.17-ce. See upstream changelog online at https://docs.docker.com/engine/release-notes/201017...
F5 Networks BIG-IP : Linux kernel vulnerability (K36462841)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 14.1.5 / 15.1.5.1 / 15.1.6 / 16.1.2.2 / 16.1.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K36462841 advisory. - Since Linux kernel version 3.2, the mremap syscall...
Dlinject - Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without Ptrace
Inject a shared library i.e. arbitrary code into a live linux process, without ptrace. Inspired by Cexigua and linux-inject, among other things. Usage .. . | /| | || || / | .. / | | | | |/ \ | |/ / \ \ \ | \ | |/|| /| |\ \ | /| // | / /| / / /|| / source:...
RHEL 8 : go-toolset:rhel8 (RHSA-2022:5337)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5337 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang:...
Moderate: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
GSD-2022-1003773 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...
GSD-2022-1003613 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...