exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2020-28915

Status Candidate

Overview

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

Related Files

Red Hat Security Advisory 2022-6696-01
Posted Sep 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2020-28915, CVE-2021-40528, CVE-2022-0391, CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1729, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-21123
SHA-256 | 93b0f967c0fc17f3ba55a522337de68e746328883ab6a3bcc0a9d9569b072751
Red Hat Security Advisory 2022-5840-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5840-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-1000858, CVE-2018-25032, CVE-2019-13050, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-20838, CVE-2020-14155, CVE-2020-28915, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2021-36084, CVE-2021-36085
SHA-256 | 42e01a6d5bc88185e1a2422b06a068eb5eb39518221abce55975738768ed0e4a
Red Hat Security Advisory 2022-5531-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-28915, CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-24450, CVE-2022-25313, CVE-2022-25314, CVE-2022-27666, CVE-2022-27774
SHA-256 | f41ee848b6d0c115a722f77ecc6e1af8a8aefc16c64c38321266f8cf8d547612
Red Hat Security Advisory 2022-5556-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5556-01 - Logging Subsystem 5.4.3 has security updates. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-28915, CVE-2021-38561, CVE-2021-40528, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-26691, CVE-2022-27666, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782
SHA-256 | 6ddc3f6f99dbf4a5b530359707a6e2dd268fc21dae51c4ad4ddab62aad4ea62b
Red Hat Security Advisory 2022-5316-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5316-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, memory leak, and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-28915, CVE-2022-27666
SHA-256 | b24f3a668e5712e347898fac5bf44b79e82271227a5a45bbb15bb5d697552e57
Red Hat Security Advisory 2022-5344-01
Posted Jun 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5344-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-28915, CVE-2022-27666
SHA-256 | e40b81ebd419027685248a7cc72731de7ab7d98e6aebf6151c4aca407d5a53eb
Ubuntu Security Notice USN-4752-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4752-1 - Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437, CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641, CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815, CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369, CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508
SHA-256 | 9d423aca91d7f1b70463a45e888e4c441f17d4136f7beccf8bf581dc633b7a2e
Ubuntu Security Notice USN-4660-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4660-2 - USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25285, CVE-2020-25641, CVE-2020-25643, CVE-2020-25645, CVE-2020-28915, CVE-2020-4788
SHA-256 | b683340da7eef1e285118a4d437c5ecf07c3a00fa703347ee4cb1c9ef5624aa8
Ubuntu Security Notice USN-4658-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4658-2 - USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25643, CVE-2020-25645, CVE-2020-25705, CVE-2020-28915, CVE-2020-4788
SHA-256 | bbc584a0fe5af295e0f436fdc4bd981b54271cf0c2a539f59dc946b7ea324060
Ubuntu Security Notice USN-4659-2
Posted Dec 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4659-2 - USN-4659-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-25705, CVE-2020-27152, CVE-2020-28915, CVE-2020-4788
SHA-256 | e138a7080f715c2dcc2727e15e0e258a11808c6d9e156fb00fa4ac8c8953c766
Ubuntu Security Notice USN-4660-1
Posted Dec 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4660-1 - It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25285, CVE-2020-25641, CVE-2020-25643, CVE-2020-25645, CVE-2020-28915, CVE-2020-4788
SHA-256 | 846750eeb23d3d60a26a9e5dd5ee57d3a56322b40ec7af818f318a1c862c2d90
Ubuntu Security Notice USN-4659-1
Posted Dec 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4659-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-25705, CVE-2020-27152, CVE-2020-28915, CVE-2020-4788
SHA-256 | 9a0f9a2f26c0dfddf7589768d4e433696e87ba393c23e7f724162684bf154fac
Ubuntu Security Notice USN-4658-1
Posted Dec 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4658-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-10135, CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25643, CVE-2020-25645, CVE-2020-25705, CVE-2020-28915, CVE-2020-4788
SHA-256 | 4ed9af991deebf6c3244cf4de2f7dbb22af21f0a04f28319291a7673feba8d42
Ubuntu Security Notice USN-4657-1
Posted Dec 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4657-1 - Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-0427, CVE-2020-10135, CVE-2020-12352, CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25643, CVE-2020-25645, CVE-2020-25705, CVE-2020-28915, CVE-2020-4788
SHA-256 | dbfacde5bfc0db84799a2a413ab853f7c93216a094a4a437b9daba32978b1e77
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close