Download
| Alert*
|
oval:org.secpod.oval:def:59814
linux-image-oem-osp1 5.0 series is installed oval:org.secpod.oval:def:70227 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-5.3: Linux kernel for Amazon Web ... oval:org.secpod.oval:def:705707 linux-oem-osp1: Linux kernel for OEM systems - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:705692 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-gke-5.3: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel - linux-oem-osp1: Linux kernel for OEM systems - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems Several securit ... oval:org.secpod.oval:def:70222 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70231 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:61662 It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:61684 A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7. oval:org.secpod.oval:def:61661 It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:70259 linux: Linux kernel - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for ... oval:org.secpod.oval:def:70210 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:61659 Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. oval:org.secpod.oval:def:61679 In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hi ... oval:org.secpod.oval:def:61678 It was discovered that in some situations the fair scheduler in the Linux kernel did not permit a process to use its full quota time slice. A local attacker could use this to cause a denial of service. oval:org.secpod.oval:def:61677 It was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information . oval:org.secpod.oval:def:61676 It was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:61675 It was discovered that the NXP PN533 NFC USB driver in the Linux kernel did not properly free resources after a late probe error, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:61674 It was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service or execute arbitrary code. oval:org.secpod.oval:def:61673 It was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service . oval:org.secpod.oval:def:61672 It was discovered that the Cascoda CA8210 SPI 802.15.4 wireless controller driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service . oval:org.secpod.oval:def:61671 It was discovered that the AMD Audio CoProcessor Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker with the ability to load modules could use this to cause a denial of service . oval:org.secpod.oval:def:70203 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70192 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM processors - linux-oracle-5.0: Linux kernel for Oracle Cloud systems Seve ... oval:org.secpod.oval:def:61669 It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service . oval:org.secpod.oval:def:61668 Anthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. oval:org.secpod.oval:def:61667 Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service . oval:org.secpod.oval:def:61666 Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service . oval:org.secpod.oval:def:61665 It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service . oval:org.secpod.oval:def:61664 It was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. oval:org.secpod.oval:def:61686 In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I ... oval:org.secpod.oval:def:61663 It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:61683 A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864. oval:org.secpod.oval:def:61660 It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:61682 A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. oval:org.secpod.oval:def:61681 A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of ... oval:org.secpod.oval:def:61680 A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. oval:org.secpod.oval:def:61685 A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. oval:org.secpod.oval:def:61670 It was discovered that the Intel OPA Gen1 Infiniband Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service . |
