31 matches found
K42355373: Linux NFS kernel vulnerablity CVE-2020-25212
Security Advisory Description A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452...
AlmaLinux 8 : kernel (ALSA-2021:1578)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1578 advisory. - A memory leak in the sofsetgetlargectrldata function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of...
SUSE: Security Advisory (SUSE-SU-2020:3225-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : kernel (RHSA-2021:0878)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0878 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in...
kernel: TOCTOU mismatch in the NFS client code
A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...
RHEL 7 : kernel (RHSA-2021:0760)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0760 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: umask not applied on filesyste...
kernel: TOCTOU mismatch in the NFS client code
A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...
CentOS 7 : kernel (RHSA-2020:5437)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5437 advisory. - The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs...
RHEL 7 : kernel-rt (RHSA-2020:5441)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5441 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Oracle Linux 7 : kernel (ELSA-2020-5437)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5437 advisory. - netdrv hdlcppp: add range checks in pppcpparsecr Guillaume Nault 1882078 CVE-2020-25643 - fs ext4: fix potential negative array index in dosplit Pave...
kernel: TOCTOU mismatch in the NFS client code
A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Scientific Linux Security Update : kernel on SL7.x x86_64 (2020:5437)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:5437-1 advisory. - kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14385 -...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2981-1)
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724. CVE-2020-12352: Fixed an information leak when...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:2112-1 Rating: important References: 1055014 1055186 1061843 1065600 1065729 1066382 1077428 1129923 1134760 1149032 1152489 1155798 1163592 1164648 1165692 1166146 1166166 1167030 1168468 1170415...
SUSE-SU-2020:3188-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19756 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex futex wait operation, which could have lead to memory corruption and possibly privilege escalation bsc1176011. -...
SUSE-SU-2020:3186-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-249 fixes several issues. The following security issues were fixed: - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2303)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: kernel
Issue Overview: An issue in the HID driver in the Linux kernel may lead to invalid memory access. CVE-2022-20565 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in...
RHEL 7 : kernel-alt (RHSA-2020:4279)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4279 advisory. The kernel-alt packages provide the Linux kernel version 4.x. Security Fixes: kernel: net: bluetooth: type confusion while processing AMP...