Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•45 views

K88205061: Linux kernel vulnerability CVE-2021-28952

Security Advisory Description An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. This has been fixed in 5.12-rc4. CVE-2021-28952 Impact There ...

7.8CVSS6.6AI score0.00378EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•54 views

K08413011: Linux kernel vulnerability CVE-2019-7221

Security Advisory Description The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. CVE-2019-7221 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases...

7.8CVSS7.2AI score0.00805EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•72 views

K07020416: Linux kernel vulnerability CVE-2017-18344

Security Advisory Description The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This...

5.5CVSS6.5AI score0.03228EPSS
Exploits8Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•36 views

K71891773: BIG-IP APM VPN vulnerability CVE-2021-23002

Security Advisory Description The session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. CVE-2021-23002 Impact An attacker with privileges to view the command line ...

4.5CVSS5.5AI score0.00339EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K91013510: SSL Forward Proxy vulnerability CVE-2022-23016

Security Advisory Description When BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23016 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...

7.5CVSS7.4AI score0.0092EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•35 views

K55539088: Intel SSD vulnerabilities CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311

Security Advisory Description CVE-2020-0584 Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access. CVE-2020-12309 Insufficiently protected...

6.2CVSS4.3AI score0.00352EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•19 views

K57214415: NAT slipstream vulnerability

Security Advisory Description This vulnerability exploits the application layer gateway ALG mechanism of network address translations NATs, routers, and firewalls through modification of internal IP extractions for a client browser connection and therefore bypasses the browser's port restrictions...

6.8AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•38 views

K57201259: Intel SGX vulnerabilities CVE-2019-14565, CVE-2019-14566

Security Advisory Description CVE-2019-14565 Insufficient initialization in IntelR SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via...

7.8CVSS7.4AI score0.00355EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•113 views

K55580033: iControl REST vulnerability CVE-2022-35728

Security Advisory Description An authenticated user's iControl REST token may remain valid for a limited time after logging out from the Configuration utility. CVE-2022-35728 Impact A remote unauthenticated attacker may be able to reuse, for a limited time, an authenticated user's iControl REST...

9.8CVSS9.2AI score0.00587EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•46 views

K50310001: BIG-IP and BIG-IQ iControl SOAP vulnerability CVE-2022-34851

Security Advisory Description An authenticated attacker may cause iControl SOAP to become unavailable through undisclosed requests. CVE-2022-34851 Impact This vulnerability allows a remote authenticated attacker with at least guest role privileges to send undisclosed requests to iControl SOAP,...

6.5CVSS6.4AI score0.00658EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•23 views

K37960100: TMM vulnerability CVE-2020-27713

Security Advisory Description In certain configurations, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel TMM leaks memory. CVE-2020-27713...

7.5CVSS7.4AI score0.01261EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•47 views

K53345784: Linux kernel vulnerability CVE-2017-16912

Security Advisory Description The "getpipe" function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service out-of-bounds read via a specially crafted USB over IP packet. CVE-2017-16912 Impact This vulnerability allo...

7.1CVSS6.4AI score0.04088EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K17047: ICMP packet processing vulnerability CVE-2015-5058

Security Advisory Description Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5....

7.8CVSS6.7AI score0.01908EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•47 views

K46394694: Linux kernel vulnerability CVE-2016-8650

Security Advisory Description The mpipowm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service stack memory corruption and panic via an addkey system call for an RSA key with ...

5.5CVSS6.4AI score0.00406EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•46 views

K47730136: Linux kernel vulnerability CVE-2017-16913

Security Advisory Description The "stubrecvcmdsubmit" function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMDSUBMIT packets allows attackers to cause a denial of service arbitrary memory allocation via a specially crafted USB over IP...

7.1CVSS6.4AI score0.03896EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•72 views

K52510511: Advanced WAF/ASM buffer-overflow vulnerability CVE-2021-22992

Security Advisory Description A malicious HTTP response to an Advanced WAF/ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may allow remote code execution RCE, leading to complete system compromise...

9.8CVSS8.5AI score0.72711EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K53084033: OpenSSL vulnerability CVE-2016-2178

Security Advisory Description The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. CVE-2016-2178 Impact An...

5.5CVSS7.3AI score0.01174EPSS
Exploits1Affected Software26
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•176 views

K50642058: systemd vulnerability CVE-2021-33910

Security Advisory Description basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value involving strdupa and alloca for a pathname controlled by a local attacker that results in an operating system crash. CVE-2021-33910 Impact Ther...

5.5CVSS6AI score0.0865EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•38 views

K51758043: MySQL vulnerability CVE-2016-0639

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication. CVE-2016-0639 Impact There is no impact; F5 products ar...

10CVSS7.8AI score0.10144EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•38 views

K51539421: BIG-IP SIP ALG profile vulnerability CVE-2022-26370

Security Advisory Description When a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-26370 Impact...

7.5CVSS7.5AI score0.00764EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•30 views

K51754851: BIG-IP system vulnerability CVE-2018-5512

Security Advisory Description When Large Receive Offload LRO and SYN cookies are enabled default settings, undisclosed traffic patterns may cause TMM to restart. CVE-2018-5512 Impact An attacker may be able to cause a disruption of service. Exposure to this vulnerability is limited to the data...

7.8CVSS7.4AI score0.03019EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•28 views

K92306170: BIG-IP AFM single endpoint flood/sweep DoS vector security exposure

Security Advisory Description BIG-IP AFM single endpoint sweep and single endpoint flood DoS vector configuration states are unexpectedly disabled after updating/upgrading software to BIG-IP 14.1.0 and later. This issue occurs when all of the following conditions are met: You updated/upgraded you...

6.7AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•30 views

K45407662: BIG-IP DNS vulnerability CVE-2021-23032

Security Advisory Description When a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23032 Impact Traffic is disrupted while the TMM process restarts. This vulnerability...

7.5CVSS7.6AI score0.00933EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•67 views

K04367730: FRF.16 parser vulnerability CVE-2018-14468

Security Advisory Description The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint. CVE-2018-14468 Impact When tcpdump is active and configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump...

7.5CVSS6.6AI score0.03985EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•63 views

K41043270: Intel processor vulnerabilities CVE-2021-0086 and CVE-2021-0089

Security Advisory Description CVE-2021-0086 Observable response discrepancy in floating-point operations for some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 Observable response discrepancy in some IntelR Processors m...

6.5CVSS6.6AI score0.00372EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986

Security Advisory Description The iControl REST interface has an unauthenticated remote command execution vulnerability. CVE-2021-22986 Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and se...

10CVSS8.8AI score0.99898EPSS
Exploits20Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•147 views

K45012151: Layer 2 security bypass issue CVE-2021-27861, CVE-2021-27862, CVE-2021-27853, CVE-2021-27854

Security Advisory Description CVE-2021-27861 Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and optionally VLAN0 headers CVE-2021-27862 Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using...

4.7CVSS4.8AI score0.0071EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•35 views

K37890841: BIG-IP APM logging disclosure vulnerability CVE-2019-19150

Security Advisory Description The BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. CVE-2019-19150 Impact The BIG-IP APM system logs the client-session-id in the log files and is available to authenticated...

4.9CVSS5AI score0.00828EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•33 views

K06014092: E2fsprogs vulnerabilities CVE-2019-5094 and CVE-2019-5188

Security Advisory Description CVE-2019-5094 An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to...

7.5CVSS7.3AI score0.01105EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•41 views

K34511555: BIG-IP and BIG-IQ AWS vulnerability CVE-2022-34844

Security Advisory Description When the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP or BIG-IQ on Amazon Web Services AWS systems, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Successful exploitation relies on conditio...

7.5CVSS7AI score0.0064EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•54 views

K23465404: BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968

Security Advisory Description When an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. CVE-2022-33968 Impact If an attacker controls the server that handles monitor traffic or the APM SSO endpoint,...

4.9CVSS5.4AI score0.00461EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•58 views

K63914421: PHP vulnerability CVE-2016-5770

Security Advisory Description Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a...

9.8CVSS8.6AI score0.07337EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•37 views

K35255309: Linux kernel vulnerability CVE-2020-11669

Security Advisory Description An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore functionality for PNVPOWERSAVEAMR, PNVPOWERSAVEUAMOR, and PNVPOWERSAVEAMOR, aka CID-53a712bae5dd. CVE-2020-11669 Impact There i...

5.5CVSS6.3AI score0.00476EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•89 views

K28405643: BIG-IP Message Routing MQTT vulnerability CVE-2022-35240

Security Advisory Description When the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-35240 Impact System performance can degrade until the TMM process is...

7.5CVSS7.3AI score0.00681EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•37 views

K62695363: OpenSSL vulnerability CVE-2018-0733

Security Advisory Description Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than th...

5.9CVSS6.3AI score0.08606EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•76 views

K08440897: Linux kernel vulnerability CVE-2016-0774

Security Advisory Description The 1 piperead and 2 pipewrite implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux RHEL 7.1 do not properly consider the...

6.8CVSS7.2AI score0.00337EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•83 views

K78285929: BIND vulnerability CVE-2021-25220

Security Advisory Description BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected...

6.8CVSS6.8AI score0.0325EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•60 views

K62532228: Linux kernel CVE-2020-10769

Security Advisory Description A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, i...

5.5CVSS6.4AI score0.00491EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•33 views

K31404801: F5 BIG-IP TMM vulnerability CVE-2017-6169

Security Advisory Description In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel TMM to produce a core file when it receives malformed URLs during categorization. CVE-2017-6169. Impact ...

6.8CVSS6.6AI score0.01448EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•51 views

K97399672: Apache Maven vulnerability CVE-2022-29599

Security Advisory Description In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. CVE-2022-29599 Impact There is no impact; F5 products are not affected by this vulnerability...

9.8CVSS8.8AI score0.04031EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•158 views

K18352029: Linux kernel vulnerability CVE-2017-18017

Security Advisory Description The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the...

10CVSS7AI score0.52841EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•32 views

K17663061: BIG-IP SSL state mirroring vulnerability CVE-2020-5885

Security Advisory Description BIG-IP systems set up for connection mirroring in a high availability HA pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring...

9.1CVSS8.7AI score0.00809EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•69 views

K23180157: libxml2 vulnerability CVE-2017-7376

Security Advisory Description Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. CVE-2017-7376 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

10CVSS8.1AI score0.23694EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•49 views

K37923932: libTIFF vulnerability CVE-2022-3970

Security Advisory Description A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tifgetimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been...

8.8CVSS6.9AI score0.01237EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K34239812: Libexpat vulnerability CVE-2019-15903

Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read. CVE-2019-15903...

7.5CVSS7.7AI score0.06707EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•31 views

K93174402: Apache Struts 2 vulnerability CVE-2016-3090

Security Advisory Description The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling. CVE-2016-3090 Impact There is no impact; F5 products are not affected by this...

8.8CVSS8.9AI score0.05663EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•40 views

K93959105: OpenSSL vulnerability CVE-2010-1633

Security Advisory Description RSA verification recovery in the EVPPKEYverifyrecover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requiremen...

6.4CVSS7.8AI score0.02392EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•35 views

K52420610: Advanced WAF and BIG-IP ASM TMUI vulnerability CVE-2021-23029

Security Advisory Description Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery SSRF attacks through F5 Advanced Web Application Firewall WAF and the BIG-IP ASM Configuration utility. CVE-2021-23029 Impact An attacker with...

8.8CVSS8.3AI score0.00875EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•51 views

K53746212: Sudo vulnerability CVE-2019-14287

Security Advisory Description In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration...

9CVSS7AI score0.63917EPSS
Exploits10
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•56 views

K52401347: Linux kernel vulnerability CVE-2021-28972

Security Advisory Description In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly...

7.2CVSS6.7AI score0.00858EPSS
Exploits0
Total number of security vulnerabilities6413