Page 449 of 4759 results (0.016 seconds)

CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 1

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version Se encontró un fallo en los paquetes ICMP en el kernel de Linux puede permitir a un atacante escanear rápidamente los puertos UDP abiertos. Este defecto permite a un atacante remoto fuera de la ruta eludir efectivamente la aleatorización del puerto de origen UDP. • https://github.com/tdwyer/CVE-2020-25705 https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03 https://access.redhat.com/security/cve/CVE-2020-25705 https://bugzilla.redhat.com/show_bug.cgi?id=1894579 • CWE-330: Use of Insufficiently Random Values •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9. Se detectó un problema en la función ioapic_lazy_update_eoi en el archivo arch/x86/kvm/ioapic.c en el kernel de Linux versiones anteriores a 5.9.2. Presenta un bucle infinito relacionado con la interacción inapropiada entre el remuestreador y la activación de borde, también se conoce como CID-77377064c3a9 A stack overflow flaw via an infinite loop condition issue was found in the KVM hypervisor of the Linux kernel. This flaw occurs while processing interrupts because the IRQ state is erroneously set. • http://www.openwall.com/lists/oss-security/2020/11/03/1 https://bugzilla.kernel.org/show_bug.cgi?id=208767 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da https://access.redhat.com/security/cve/CVE-2020-27152 https://bugzilla.redhat.com/show_bug.cgi?id=1888886 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. Se detectó un problema en el kernel de Linux versiones hasta 5.9.1, como es usado con Xen versiones hasta 4.14.x. Los usuarios del Sistema Operativo invitado pueden causar una denegación de servicio (suspensión del Sistema Operativo host) por medio de una alta tasa de eventos en dom0, también se conoce como CID-e99502f76271 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00025.html http://www.openwall.com/lists/oss-security/2021/01/19/6 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e99502f76271d6bc4e374fe368c50c67a1fd3070 https://github.com/torvalds/linux/commit/e99502f76271d6bc4e374fe368c50c67a1fd3070 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announ •

CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5. Se detectó un problema en el kernel de Linux versiones hasta 5.9.1, como es usado con Xen versiones hasta 4.14.x. El archivo drivers/xen/events/events_base.c permite la eliminación del canal de eventos durante el ciclo de manejo de eventos (una condición de carrera). Esto puede causar una desreferencia del puntero NULL y un uso de la memoria previamente liberada como es demostrado por un bloqueo dom0 por medio de eventos para un dispositivo paravirtualizado en reconfiguración, también se conoce como CID-073d0552ead5 • http://www.openwall.com/lists/oss-security/2021/01/19/3 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073d0552ead5bfc7a3a9c01de590e924f11b5dd2 https://github.com/torvalds/linux/commit/073d0552ead5bfc7a3a9c01de590e924f11b5dd2 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ZG6TZLD23QO3PV2AN2HB625ZX47ALTT https:/&#x • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 2

Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Una comprobación de entrada incorrecta en BlueZ puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso adyacente A flaw was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP (Logical Link Control and Adaptation Protocol) packets with A2MP (Alternate MAC-PHY Manager Protocol) CID (Channel Identifier). This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://www.exploit-db.com/exploits/49754 http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351 https://access.redhat.com/security/cve/CVE-2020-12351 https://bugzilla.redhat.com/show_bug.cgi?id=1886521 • CWE-20: Improper Input Validation CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •