Page 327 of 2787 results (0.018 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. Se detectó un problema en el kernel de Linux versiones hasta 5.11.x. En el archivo kernel/bpf/verifier.c lleva a cabo especulaciones indeseables fuera de límites en la aritmética de punteros, conllevando a ataques de canal lateral que anulan las mitigaciones de Spectre y consiguen información confidencial de la memoria del kernel. Específicamente, para secuencias de operaciones aritméticas de puntero, la modificación de puntero llevada a cabo por la primera operación no se contabiliza correctamente al restringir operaciones posteriores A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). • https://github.com/benschlueter/CVE-2021-29155 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073815b756c51ba9d8384d924c5d1c03ca3d1ae4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=24c109bb1537c12c02aeed2d51a347b4d6a9b76e https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f55b2f2a1178856c19bbce2f71449926e731914 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0 https://git.kernel& • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0

An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. Se encontró un fallo de acceso a la memoria fuera de límites (OOB) en el archivo fs/f2fs/node.c en el módulo f2fs en el kernel de Linux en versiones anteriores a 5.12.0-rc4. Un fallo en la comprobación de límites permite a un atacante local conseguir acceso a la memoria fuera de límites, conllevando a un bloqueo del sistema o una fuga de información interna del kernel. • http://www.openwall.com/lists/oss-security/2021/05/08/1 https://bugzilla.redhat.com/show_bug.cgi?id=1944298 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://security.netapp.com/advisory/ntap-20210611-0007 https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg2520013.html https://www.openwall.com/lists/oss-security/2021/03/28/2 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. Se detectó un problema en la implementación del sistema de archivos FUSE en el kernel de Linux versiones anteriores a 510.6, también se conoce como CID-5d069dbe8aaf. La función fuse_do_getattr() llama a la función make_bad_inode() en situaciones inapropiadas, causando un bloqueo del sistema. NOTA: la solución original para esta vulnerabilidad estaba incompleta y su estado incompleto es registrado como CVE-2021-28950 A denial of service flaw was found in fuse_do_getattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d069dbe8aaf2a197142558b6fb2978189ba3454 https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://www.debian.org/security/2022/dsa-5096 https://www.starwindsoftware.com/security/sw-20220816-0001 https://access.redhat.com/security/cve/CVE-2020-36322 https:// • CWE-459: Incomplete Cleanup •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. Los compiladores BPF JIT en el kernel de Linux hasta la versión 5.11.12 tienen un cálculo incorrecto de los desplazamientos de rama, lo que les permite ejecutar código arbitrario dentro del contexto del kernel. Esto afecta a arch/x86/net/bpf_jit_comp.c y arch/x86/net/bpf_jit_comp32.c A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. • http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26f55a59dc65ff77cd1c4b37991e26497fc68049 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4d4d456436bfb2fe412ee2cd489f7658449b098 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-anno • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52. Se detectó un problema en el kernel de Linux versiones anteriores a 5.8. El archivo arch/x86/kvm/svm/svm.c permite un bucle infinito en la función set_memory_region_test para determinados fallos de página anidadas, también se conoce como CID-e72436bc3a52 • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e https://www.debian.org/security/2022/dsa-5095 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •