Lucene search
K

31 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.52 views

K42355373: Linux NFS kernel vulnerablity CVE-2020-25212

Security Advisory Description A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452...

7CVSS6.7AI score0.00275EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.44 views

AlmaLinux 8 : kernel (ALSA-2021:1578)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1578 advisory. - A memory leak in the sofsetgetlargectrldata function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of...

7.8CVSS7AI score0.03292EPSS
Exploits6References27
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:3225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01308EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.51 views

RHEL 7 : kernel (RHSA-2021:0878)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0878 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2021/03/09 9:23 a.m.3 views

kernel: TOCTOU mismatch in the NFS client code

A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...

7CVSS7.2AI score0.00275EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/09 12:0 a.m.53 views

RHEL 7 : kernel (RHSA-2021:0760)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0760 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: umask not applied on filesyste...

7.1CVSS6.8AI score0.00361EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2021/02/16 8:47 a.m.3 views

kernel: TOCTOU mismatch in the NFS client code

A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...

7CVSS7.2AI score0.00275EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/12/22 12:0 a.m.323 views

CentOS 7 : kernel (RHSA-2020:5437)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5437 advisory. - The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs...

7.5CVSS6.9AI score0.03292EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.36 views

RHEL 7 : kernel-rt (RHSA-2020:5441)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5441 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.5CVSS7.1AI score0.03292EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2020/12/16 12:0 a.m.62 views

Oracle Linux 7 : kernel (ELSA-2020-5437)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5437 advisory. - netdrv hdlcppp: add range checks in pppcpparsecr Guillaume Nault 1882078 CVE-2020-25643 - fs ext4: fix potential negative array index in dosplit Pave...

7.5CVSS6.7AI score0.03292EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2020/12/15 3:6 p.m.9 views

kernel: TOCTOU mismatch in the NFS client code

A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...

7CVSS7.2AI score0.00275EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/15 2:59 p.m.82 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.8AI score0.03292EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.59 views

Scientific Linux Security Update : kernel on SL7.x x86_64 (2020:5437)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:5437-1 advisory. - kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14385 -...

7.5CVSS6.9AI score0.03292EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.108 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2981-1)

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724. CVE-2020-12352: Fixed an information leak when...

8.8CVSS7AI score0.07693EPSS
Exploits7References28
OPENSUSE Linux
OPENSUSE Linux
added 2020/11/29 12:0 a.m.84 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:2112-1 Rating: important References: 1055014 1055186 1061843 1065600 1065729 1066382 1077428 1129923 1134760 1149032 1152489 1155798 1163592 1164648 1165692 1166146 1166166 1167030 1168468 1170415...

8.8CVSS7AI score0.07693EPSS
Exploits10References117
OSV
OSV
added 2020/11/05 1:51 p.m.7 views

SUSE-SU-2020:3188-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19756 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex futex wait operation, which could have lead to memory corruption and possibly privilege escalation bsc1176011. -...

7.8CVSS8.3AI score0.0083EPSS
Exploits0References5
OSV
OSV
added 2020/11/05 1:50 p.m.10 views

SUSE-SU-2020:3186-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-249 fixes several issues. The following security issues were fixed: - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in...

7.8CVSS8.1AI score0.01308EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2020/10/30 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2303)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.4AI score0.00566EPSS
Exploits2References2
Amazon
Amazon
added 2020/10/28 12:0 a.m.69 views

Important: kernel

Issue Overview: An issue in the HID driver in the Linux kernel may lead to invalid memory access. CVE-2022-20565 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in...

7.8CVSS7.4AI score0.03292EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.74 views

RHEL 7 : kernel-alt (RHSA-2020:4279)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4279 advisory. The kernel-alt packages provide the Linux kernel version 4.x. Security Fixes: kernel: net: bluetooth: type confusion while processing AMP...

8.8CVSS7.4AI score0.07693EPSS
Exploits6References11
Rows per page
Query Builder