exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2021-29155

Status Candidate

Overview

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.

Related Files

Red Hat Security Advisory 2021-4140-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4140-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, heap overflow, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0427, CVE-2020-24502, CVE-2020-24503, CVE-2020-24504, CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26140, CVE-2020-26141, CVE-2020-26143, CVE-2020-26144, CVE-2020-26145, CVE-2020-26146, CVE-2020-26147, CVE-2020-29368, CVE-2020-29660, CVE-2020-36158, CVE-2020-36386, CVE-2021-0129, CVE-2021-20194, CVE-2021-20239, CVE-2021-23133, CVE-2021-28950, CVE-2021-28971, CVE-2021-29155
SHA-256 | 06051ab16cb42d450d376dba8b9418f4b1e3e84d93535dfa51d4c79b9b2affd5
Download | Favorite | View
Ubuntu Security Notice USN-4999-1
Posted Jun 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4999-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-25670, CVE-2020-25671, CVE-2020-25673, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147, CVE-2021-23133, CVE-2021-29155, CVE-2021-31440, CVE-2021-31829, CVE-2021-33200, CVE-2021-3609
SHA-256 | 608a8996ce80308dbc8f67bc54e75f304a5acf75c42f7825463b1e10f884ffae
Download | Favorite | View
Ubuntu Security Notice USN-4983-1
Posted Jun 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4983-1 - Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29155, CVE-2021-31829, CVE-2021-33200, CVE-2021-3501
SHA-256 | c8d6a4d1ac66d32b7a2f8aec8f4be767802cb76e03860da72e2558c5974f173a
Download | Favorite | View
Ubuntu Security Notice USN-4977-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4977-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-25670, CVE-2020-25673, CVE-2021-29155, CVE-2021-3501
SHA-256 | e08eead12351b562c8393556b5d0d894119bfeac691f89307ba19ce69383d1de
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close