669 matches found
GSD-2021-1001826 mlxsw: thermal: Fix out-of-bounds memory accesses
mlxsw: thermal: Fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.155 by commit...
UVI-2021-1001737 hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field
hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by...
GSD-2021-1001725 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 b...
GSD-2021-1001706 netfilter: nf_tables: Fix oversized kvmalloc() calls
netfilter: nf_tables: Fix oversized kvmalloc() calls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...
UVI-2021-1001597 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.151 b...
GSD-2021-1001597 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.151 b...
GSD-2021-1001595 mac80211-hwsim: fix late beacon hrtimer handling
mac80211-hwsim: fix late beacon hrtimer handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.151 by commit...
GSD-2021-1001529 netfilter: ipset: Fix oversized kvmalloc() calls
netfilter: ipset: Fix oversized kvmalloc() calls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...
Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root
#!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...
GSD-2021-1001448 watchdog: Fix possible use-after-free in wdt_startup()
watchdog: Fix possible use-after-free in wdt_startup() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.276 by commit...
GSD-2021-1001214 jfs: fix GPF in diFree
jfs: fix GPF in diFree This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.3 by commit 42f102ea1943ecb10a0756bf75424de5d1d5beed. For more...
GSD-2021-1001089 net: bridge: fix vlan tunnel dst null pointer dereference
net: bridge: fix vlan tunnel dst null pointer dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...
GSD-2021-1000970 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.45 by commit...
UVI-2021-1000356 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
i2c: img-scb: fix reference leak when pm_runtime_get_sync fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
CVE-2021-28971
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications such as perf-fuzzer can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6...
CVE-2020-7789 Command Injection
This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array...
CVE-2020-29374
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service (DoS). The vulnerability exists because drivers/net/fjes/fjes_main.c in the Linux kernel does not check the alloc_workqueue return value, leading to a NULL pointer dereference...
CVE-2020-1423
An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...
CVE-2020-8649
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c...