Page 402 of 2837 results (0.024 seconds)

CVSS: 9.8EPSS: 1%CPEs: 13EXPL: 1

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. Se detectó un problema en el archivo net/wireless/nl80211.c en el kernel de Linux versiones hasta 5.2.17. No comprueba la longitud de los elementos variables en un beacon head, lo que provoca un desbordamiento del búfer. A flaw in the Linux kernel's WiFi beacon validation code was discovered. • https://github.com/uthrasri/CVE-2019-16746 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorap • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. En el kernel de Linux versiones anteriores a 5.2.14, la función rds6_inc_info_copy en el archivo net/rds/recv.c permite a atacantes obtener información confidencial de la memoria de la pila del kernel porque los campos tos y flags no están inicializados. • http://www.openwall.com/lists/oss-security/2019/09/24/2 http://www.openwall.com/lists/oss-security/2019/09/25/1 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14 https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736 https://security.netapp.com/advisory/ntap-20191031-0005 https://support.f5.com/csp/article/K48351130?utm_source=f5support&amp%3Butm_medium=RSS https://usn.ubuntu.com/4157-1 https://usn.ubuntu.com/4157-2 • CWE-909: Missing Initialization of Resource •

CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 3

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario. A flaw was found in the Linux kernel’s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/08/28/1 https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0328&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.0EPSS: 0%CPEs: 88EXPL: 3

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento del búfer en la región heap de la memoria en el kernel, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario. A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This flaw affects the network interface at the most basic level meaning the attacker only needs to affiliate with the same network device as the vulnerable system to create an attack path. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/08/28/1 https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0204&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. Se encontró un problema de acceso fuera de límites en el kernel de Linux, todas las versiones hasta 5.3, en la manera en que el hipervisor KVM del kernel de Linux implementa la operación de escritura MMIO Coalesced. Opera en un objeto MMIO ring buffer "struct kvm_coalesced_mmio", en donde los índices de escritura "ring-)first" y "ring-)last" podrían ser suministrados por un proceso de espacio de usuario del host. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/09/20/1 https://access.redhat.com/errata/RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3517&# • CWE-787: Out-of-bounds Write •