RHEL 5 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: netfilter: use-after-free in tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c CVE-2017-180...

SUSE CVE-2021-47383

In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUTVSCREENINFO passing the fbvarscreeninfo struct containing only the fields xres, yres, and bitsperpixel with values...

kernel: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...

CVE-2021-47383

In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUTVSCREENINFO passing the fbvarscreeninfo struct containing only the fields xres, yres, and bitsperpixel with values...

DEBIAN-CVE-2021-47383

In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUTVSCREENINFO passing the fbvarscreeninfo struct containing only the fields xres, yres, and bitsperpixel with values...

CVE-2021-47383

CVE-2021-47383 : In the Linux kernel, the tty imageblit out-of-bounds access is caused when an ioctl FBIOPUT_VSCREENINFO with only xres, yres, and bits_per_pixel is sent and the struct matches the previous ioctl. This leaves fb_var_screeninfo incomplete, causing updatescrollmode() to compute a wr...

CVE-2021-47383

In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUTVSCREENINFO passing the fbvarscreeninfo struct containing only the fields xres, yres, and bitsperpixel with values...

SUSE CVE-2023-52677

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an out-of-bounds vmalloc access in imageblit...

DEBIAN-CVE-2023-52677

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2023-52677

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

UBUNTU-CVE-2023-52677

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2023-52677 riscv: Check if the code to patch lies in the exit section

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2023-52677 riscv: Check if the code to patch lies in the exit section

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2023-52677

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloctopage which panics since the address does not lie in the vmalloc region...

CVE-2024-26991

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpageinfo when checking attributes Fix KVMSETMEMORYATTRIBUTES to not overflow lpageinfo array and trigger KASAN splat, as seen in the privatememconversionstest selftest. When memory attributes ar...

CVE-2024-26991

CVE-2024-26991 relates to the Linux kernel KVM x86/mmu path. The vulnerability stems from overflow of the lpage_info array when checking attributes during KVM_SET_MEMORY_ATTRIBUTES, which can lead to a vmalloc-out-of-bounds read in hugepage attribute checks (observed as KASAN: vmalloc-out-of-boun...

CVE-2024-26991

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpageinfo when checking attributes Fix KVMSETMEMORYATTRIBUTES to not overflow lpageinfo array and trigger KASAN splat, as seen in the privatememconversionstest selftest. When memory attributes ar...

UBUNTU-CVE-2021-47034

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

PT-2024-8366 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to insufficient input validation in the riscv component of the Linux kernel. This can lead to a denial of service when the code to patch lies outside the exit...