Linux Kernel Organization, Inc. Security Vulnerabilities

CVE-2021-46911 ch_ktls: Fix kernel panic

In the Linux kernel, the following vulnerability has been resolved: ch_ktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take tx_ctx lock for the complete skb transmit, to avoid page cleanup if ACK received in...

Rocky Linux 8 : kernel (RLSA-2022:7683)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7683 advisory. An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...

[SECURITY] Fedora 39 Update: kernel-6.8.8-200.fc39

The kernel meta...

Amazon Linux 2 : kernel (ALAS-2024-2569)

The version of kernel installed on the remote host is prior to 4.14.276-211.499. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2569 advisory. 2024-06-19: CVE-2022-1011 was added to this advisory. 2024-06-19: CVE-2022-1353 was added to this advisory. ...

Amazon Linux 2 : kernel (ALAS-2024-2581)

The version of kernel installed on the remote host is prior to 4.14.348-265.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2581 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on...

Amazon Linux AMI : kernel (ALAS-2024-1942)

The version of kernel installed on the remote host is prior to 4.14.348-187.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1942 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on...

Linux SMB3 Kernel Server (KSMBD) Installed (Linux)

Linux SMB3 Kernel Server (KSMBD) was detected on the remote Linux...

WordPress Sell Media 2.4.1 - Cross-Site Scripting

WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search...

RHEL 8 : kernel (RHSA-2024:3810)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

CVE-2024-31323

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31318

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31317

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31315

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31312

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-23711

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-21113

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2021-46911 ch_ktls: Fix kernel panic

In the Linux kernel, the following vulnerability has been resolved: ch_ktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take tx_ctx lock for the complete skb transmit, to avoid page cleanup if ACK received in...

Amazon Linux AMI : kernel (ALAS-2023-1773)

The version of kernel installed on the remote host is prior to 4.14.318-166.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1773 advisory. It was discovered that a nft object or expression could reference a nft set on a different nft table, leading...

Amazon Linux 2 : kernel (ALAS-2023-2100)

The version of kernel installed on the remote host is prior to 4.14.318-240.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2100 advisory. It was discovered that a nft object or expression could reference a nft set on a different nft table, leading...

Exploit for Out-of-bounds Write in Lenovo Diagnostics

lenovo_exec...

Windows Kernel Elevation of Privilege Vulnerability

...

Windows Kernel Elevation of Privilege Vulnerability

...

Windows Kernel Elevation of Privilege Vulnerability

...

eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php...

Amazon Linux 2 : kernel (ALAS-2023-2359)

The version of kernel installed on the remote host is prior to 4.14.330-250.540. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2359 advisory. 2024-06-19: CVE-2023-52845 was added to this advisory. A use-after-free flaw was found in vcs_read in...

CVE-2024-32547 WordPress Code Insert Manager (Q2W3 Inc Manager) plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through...

Important: kernel

Issue Overview: 2024-04-24: CVE-2021-46929 was added to this advisory. 2024-04-24: CVE-2021-46936 was added to this advisory. 2023-10-12: CVE-2021-3923 was added to this advisory. A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-020)

The version of kernel installed on the remote host is prior to 5.10.144-127.601. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-020 advisory. 2024-06-19: CVE-2022-4744 was added to this advisory. 2024-06-06: CVE-2022-48687 was added to this...

CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0...

Oracle Linux 9 : kernel (ELSA-2024-12094)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12094 advisory. An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because...

Oracle Linux 8 : kernel (ELSA-2023-7549)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7549 advisory. Incorrect verifier pruning in BPF in Linux Kernel &gt;=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary...

RHEL 8 : kernel-rt (RHSA-2023:7551)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7551 advisory. kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178) hw: amd: Cross-Process Information Leak (CVE-2023-20593) Note...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-060)

The version of kernel installed on the remote host is prior to 5.10.217-205.860. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-060 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN)...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-061)

The version of kernel installed on the remote host is prior to 5.10.201-191.748. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2024-061 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-069)

The version of kernel installed on the remote host is prior to 5.4.276-189.376. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-069 advisory. 2024-06-19: CVE-2024-36905 was added to this advisory. 2024-06-19: CVE-2024-36959 was added to this...

NeDi 1.9C - Cross-Site Scripting

NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...

CVE-2024-38614

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions (for debugging) among others. There is a bug where the trap.....

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

Symfony Vulnerable to PHP Eval Injection

Applications with ESI support (and SSI support as of Symfony 2.6) enabled and using the Symfony built-in reverse proxy (the `Symfony\Component\HttpKernel\HttpCache class) are vulnerable to PHP code injection; a malicious user can inject PHP code that will be executed by the server. HttpCache uses.....

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

RHEL 8 : kernel-rt (RHSA-2024:1269)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1269 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

RHEL 9 : kernel-rt (RHSA-2024:0431)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0431 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Amazon Linux AMI : kernel (ALAS-2023-1897)

The version of kernel installed on the remote host is prior to 4.14.330-176.540. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1897 advisory. 2024-06-19: CVE-2023-52845 was added to this advisory. A use-after-free flaw was found in vcs_read in...

CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0...

Medium: kernel

Issue Overview: 2024-04-25: CVE-2021-46938 was added to this advisory. A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem. (CVE-2021-29650) A flaw was found in...

Windows Kernel Elevation of Privilege Vulnerability

...

CVE-2023-4732

A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t...

CVE-2023-4459

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

CVE-2024-5851

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It....

CVE-2023-42753

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-&gt;nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a loc...