what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

CVE-2021-4155

Status Candidate

Overview

A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.

Related Files

Ubuntu Security Notice USN-5926-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5926-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4155, CVE-2022-20566, CVE-2022-41858, CVE-2022-42895, CVE-2023-0045, CVE-2023-23559
SHA-256 | a41914777c5a10c7ff57a46d9d192b11651b4647733ebe5adb378ce5a4e9e4af
Ubuntu Security Notice USN-5884-1
Posted Feb 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5884-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4155, CVE-2022-20566, CVE-2022-41858, CVE-2022-42895, CVE-2023-0045, CVE-2023-23559
SHA-256 | 9fb79a1f43ccc6d619c96a07def2979ca05b8979050b2933267dc0bc2e17d747
Red Hat Security Advisory 2022-1417-01
Posted Apr 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1417-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-0920, CVE-2021-4155, CVE-2022-0492
SHA-256 | a1855a4358516ae7f91cd9312df1efeaeeb9fe1fe48d1dafbe1dd6848b141dd1
Red Hat Security Advisory 2022-1263-01
Posted Apr 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1263-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, code execution, integer overflow, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4083, CVE-2021-4155, CVE-2021-45417, CVE-2022-0330, CVE-2022-0778, CVE-2022-22942, CVE-2022-24407, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 8099208ae1c6aef8c286b95bb11ce25104d7ea396a4083c6ef51ad9bcd09650a
Ubuntu Security Notice USN-5362-1
Posted Apr 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5362-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4083, CVE-2021-4090, CVE-2021-4155, CVE-2021-42327, CVE-2022-0001, CVE-2022-0185, CVE-2022-0330, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0742, CVE-2022-0847, CVE-2022-22942, CVE-2022-23222, CVE-2022-23960, CVE-2022-25636
SHA-256 | 15aee9355fdfa4005c244c11432f609c7d439bd4c9e2bb1fc22da50bd8c0cbbd
Red Hat Security Advisory 2022-0958-01
Posted Mar 18, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0958-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-0492, CVE-2022-22942
SHA-256 | 9beb6e392ff5610d64056a391fbce786ec02c468a9da9985a7ea90ed21f4bcb8
Red Hat Security Advisory 2022-0595-02
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-20321, CVE-2021-23566, CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-42739, CVE-2021-43565, CVE-2022-0155, CVE-2022-0185, CVE-2022-20612, CVE-2022-20617
SHA-256 | 2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67b
Red Hat Security Advisory 2022-0735-01
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0735-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-22963, CVE-2021-3521, CVE-2021-3712, CVE-2021-3807, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-41089, CVE-2021-41091, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-43565, CVE-2021-43816, CVE-2021-43858, CVE-2022-0185, CVE-2022-0235, CVE-2022-24407, CVE-2022-24450
SHA-256 | 0f428578537f68dfaf14cf427f755f1edf5314f8b08ecb6c1be275b4a8bd343e
Red Hat Security Advisory 2022-0712-01
Posted Mar 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0712-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-4155, CVE-2022-0330
SHA-256 | 9976a84e246d5080207d0f29307069bb09e2ebfb5c5b35fdac6be577b0dc75a9
Red Hat Security Advisory 2022-0718-01
Posted Mar 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0718-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-4155, CVE-2022-0330
SHA-256 | 9440a03f6bbd1d2344fa57b67ff535b87cf006276481b3338192a6df7c81f3f7
Red Hat Security Advisory 2022-0620-01
Posted Feb 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0620-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0465, CVE-2020-0466, CVE-2021-0920, CVE-2021-3564, CVE-2021-3573, CVE-2021-3752, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | 63324cce18db8d1f06bc8d01cde1688dfbe96f1be29a3d711888a743dee833d0
Red Hat Security Advisory 2022-0622-01
Posted Feb 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0622-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include double free, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0465, CVE-2020-0466, CVE-2021-0920, CVE-2021-3564, CVE-2021-3573, CVE-2021-3752, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | 1abf9ccc7a6610c1e2f76510441d10c8276850c7233a64d96784a8a539ab2872
Red Hat Security Advisory 2022-0629-01
Posted Feb 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0629-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4155
SHA-256 | 47b3dc904a7204faf6e15c69e500933b4ff798e5f889a832814df22cc9905008
Red Hat Security Advisory 2022-0636-01
Posted Feb 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4155
SHA-256 | bda529498837213cadd6b42e364bdc151826b39e673be9a80a83c24a1160ac94
Red Hat Security Advisory 2022-0592-01
Posted Feb 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-0920, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | 309b102eb4c93fc5c0e75351bfa6ae9f099da900cb14257534fb1df97107605f
Ubuntu Security Notice USN-5298-1
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5298-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. J

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-22600, CVE-2021-28714, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2022-0330, CVE-2022-22942
SHA-256 | 09c5b3fccd425392b5367e56e1a647931c3ab62c1011ad7cd2bfc5d674d117af
Red Hat Security Advisory 2022-0590-01
Posted Feb 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0590-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4155
SHA-256 | 0938412c0f6a72492867ad9c15b093af2fe77335328f5d59beb7ae9e9c61656f
Ubuntu Security Notice USN-5294-2
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5294-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-22600, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942
SHA-256 | 5105eb29948fcb5529fd8e2dd4f4213888887afb870b9269ae382729e9917fae
Ubuntu Security Notice USN-5297-1
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5297-1 - Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942
SHA-256 | 980f289a042ba936f0cb85b0ddd84821719c9ed533807a57016c9733fb2ff925
Ubuntu Security Notice USN-5295-2
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5295-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, unix, ubuntu
advisories | CVE-2021-22600, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | 6e16b06a5023be6ffa2a13a9d5e710e7e9884f26097c1fab4798cf891a79ce27
Ubuntu Security Notice USN-5295-1
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5295-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, unix, ubuntu
advisories | CVE-2021-22600, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | b547d8a973a224e901b06eaeedecd20d12b7bfbede9c1be88b6689532cb1a805
Ubuntu Security Notice USN-5294-1
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5294-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-22600, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942
SHA-256 | 1366df82d8fcd6815d5088e53ffe7f4c0a5200426d7806e8827105451bd46108
Red Hat Security Advisory 2022-0530-01
Posted Feb 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0530-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-4155
SHA-256 | 6a289fba24583ae8526316e483adea91516d9ab608f5c47debdf2882854ca254
Red Hat Security Advisory 2022-0533-01
Posted Feb 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0533-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-4155
SHA-256 | b6c9ec6c025e503bba5029e4ab7874fcf281b136f87c96e416fa2b993de9eccd
Red Hat Security Advisory 2022-0531-01
Posted Feb 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0531-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2021-4155
SHA-256 | b4060548eed57781f77b2e2b93ec6304e2516fa8cd7295c625a3f804e5648733
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close