exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2021-38204

Status Candidate

Overview

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.

Related Files

Ubuntu Security Notice USN-5299-1
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5299-1 - Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26147, CVE-2021-28972, CVE-2021-33034, CVE-2021-34693, CVE-2021-3483, CVE-2021-3564, CVE-2021-3612, CVE-2021-3679, CVE-2021-38204, CVE-2021-42008, CVE-2021-45485
SHA-256 | d8a0dffe787d4a58d1bd2849d246c1906fbde64a802ac79bc4262f763d9501ef
Ubuntu Security Notice USN-5115-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5115-1 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38166, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008
SHA-256 | 123e5f4aa3de879d935abfb080a9134445af106fa262a01d71265623b346525a
Ubuntu Security Notice USN-5092-3
Posted Oct 19, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-3 - USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | 2f8462834b9c412b2c94caea0415569d6a8d0a25ce4c553b1643bb9766389a30
Ubuntu Security Notice USN-5091-3
Posted Oct 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-3 - USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 24c408984ea4c4c10e651302744cddabd5b13c5cce9576cf919599003f060a83
Ubuntu Security Notice USN-5094-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-2 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-38204, CVE-2021-38205
SHA-256 | d31622e283cd38f8cb186bd7afe5560894a41bd02dd928f9715cafc78b2e7e09
Ubuntu Security Notice USN-5091-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-2 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 8a8a2e75ddbcda95809cae2b0daa43ffa458f1fb2f6eba2572ac767c9100c9b1
Ubuntu Security Notice USN-5096-1
Posted Sep 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5096-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-34556, CVE-2021-35477, CVE-2021-3612, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-38160, CVE-2021-38166, CVE-2021-38199, CVE-2021-38201, CVE-2021-38202, CVE-2021-38203, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-41073
SHA-256 | 98f615f379d8346abea7dc65ffd543f999a46dbda2ec8a72bcaac4dbaea40126
Ubuntu Security Notice USN-5092-2
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-2 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | fe6e6f7b890fe9c454e6d8b6981a93e9900e3e12cc8de38080233a23b6f9f395
Ubuntu Security Notice USN-5094-1
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-1 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-37576, CVE-2021-38204, CVE-2021-38205
SHA-256 | 61410dbe4257dd87ae714e3f86a082bb3acae0802b9d7ce2e4fc034d086c4838
Ubuntu Security Notice USN-5092-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | ebcf129926760acf6a8d3e98fe23c9b1ac0c8a4d82db537ed58774cee102bccf
Ubuntu Security Notice USN-5091-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-1 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | e091ef36b1fd7e00cec219aaafc4dbf41a9c32a20d118dea6371229fe281294a
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close