what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2021-34693

Status Candidate

Overview

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

Related Files

Ubuntu Security Notice USN-5343-1
Posted Mar 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5343-1 - Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. It was discovered that the aufs file system in the Linux kernel did not properly restrict mount namespaces, when mounted with the non-default allow_userns option set. A local attacker could use this to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-2853, CVE-2016-2854, CVE-2018-5995, CVE-2019-19449, CVE-2020-12655, CVE-2020-25670, CVE-2020-25673, CVE-2020-26139, CVE-2020-26147, CVE-2020-26555, CVE-2020-26558, CVE-2020-36322, CVE-2020-36385, CVE-2021-20292, CVE-2021-20317, CVE-2021-23134, CVE-2021-28688, CVE-2021-28972, CVE-2021-29650, CVE-2021-32399, CVE-2021-33033, CVE-2021-33034, CVE-2021-33098, CVE-2021-34693, CVE-2021-3483, CVE-2021-3506, CVE-2021-3564
SHA-256 | f52b839ff13c30e863d5be66f515f639c4bbf6c3ac1911f54911c3a1db6abad1
Ubuntu Security Notice USN-5299-1
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5299-1 - Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26147, CVE-2021-28972, CVE-2021-33034, CVE-2021-34693, CVE-2021-3483, CVE-2021-3564, CVE-2021-3612, CVE-2021-3679, CVE-2021-38204, CVE-2021-42008, CVE-2021-45485
SHA-256 | d8a0dffe787d4a58d1bd2849d246c1906fbde64a802ac79bc4262f763d9501ef
Ubuntu Security Notice USN-5073-3
Posted Sep 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5073-3 - Norbert Slusarek discovered that the CAN broadcast manger protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3612, CVE-2021-38160
SHA-256 | 54229c6485d89ba4f6823e5d92635e12f16c9f00cf3975395a04c4e81124b2eb
Ubuntu Security Notice USN-5073-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5073-2 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38160
SHA-256 | 73db5d8411c29b8d786d41416069b7ec21b2ce13e2e482965f04c46f510de2e2
Ubuntu Security Notice USN-5073-1
Posted Sep 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5073-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38160
SHA-256 | d47f70ebd1eef93cc6bda3c8c110382f63a6d1079b05d6e7253e584a3a764072
Ubuntu Security Notice USN-5070-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5070-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-22543, CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38198, CVE-2021-38200, CVE-2021-38206, CVE-2021-38207
SHA-256 | a3a2b8603d4257f8b0d4a21be470c82fa48b4774dc9e390edb98c4d8a1ce252a
Ubuntu Security Notice USN-5045-1
Posted Aug 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5045-1 - Norbert Slusarek discovered that the CAN broadcast manger protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3564, CVE-2021-3573, CVE-2021-3587
SHA-256 | bde5f3bf782e59c0ed151fd7c46c5d2258f7fcd96669a1026e3e26aff417fae1
Debian Security Advisory 4941-1
Posted Jul 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4941-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-36311, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609
SHA-256 | 9e4606f89d1986908d6e85cb89fbdb57f27c0579df76bf6f6ebb8845f2929900
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close