EUVD-2021-27028

Malware in sbrugna...

kernel: a race out-of-bound read in vt

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6221-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6221-1 advisory. It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a...

Denial Of Service (DoS)

Linux kernel is vulnerable to Denial Of Service DoS. The vulnerability exists due to the out-of-bounds read in the vtkioctl function of vtioctl.c because it does not properly protect by lock-in vtioctl KDSETMDE, allowing an attacker to cause an application crash...

SUSE CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-005)

The version of kernel installed on the remote host is prior to 5.10.62-55.141. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-005 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An...

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2022-1171)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the nl80211policy policy of nl80211.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local...

CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

Out-of-bounds

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

CVE-2021-3753

CVE-2021-3753 describes a race in the Linux kernel’s vt_k_ioctl() (vt_ioctl.c) that may cause an out-of-bounds read in vt as vc_mode write access is not protected by a lock. Impact is listed as data confidentiality; exploitation details are not provided in the supplied documents. Connected source...

CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9088)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9088 advisory. - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33699627 Orabug: 33762471 CVE-2021-4155 - fix...

EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-2745)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5115-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5115-1 advisory. It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5117-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5117-1 advisory. It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non- existent device id. An attacker with CAPSYSADMIN...

Amazon Linux AMI : kernel (ALAS-2021-1539)

The version of kernel installed on the remote host is prior to 4.14.248-129.473. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1539 advisory. A flaw was found in the Linux kernel. When reusing a socket with an attached dccpshctxccid as a listener, the socke...

Medium: kernel

Issue Overview: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could...

CVE-2021-3753

A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality. Mitigation...