what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2021-42739

Status Candidate

Overview

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.

Related Files

Red Hat Security Advisory 2022-1988-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1988-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, memory leak, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-0404, CVE-2020-13974, CVE-2020-27820, CVE-2020-4788, CVE-2021-0941, CVE-2021-20322, CVE-2021-21781, CVE-2021-26401, CVE-2021-29154, CVE-2021-3612, CVE-2021-3669, CVE-2021-37159, CVE-2021-3743, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-3772, CVE-2021-3773, CVE-2021-4002, CVE-2021-4037, CVE-2021-4083, CVE-2021-4157, CVE-2021-41864, CVE-2021-4197, CVE-2021-4203, CVE-2021-42739, CVE-2021-4305
SHA-256 | 37a2bc5df5427ed04000a8d10823bd2aed8f25a960acdbe741e5cfa028d617df
Red Hat Security Advisory 2022-1975-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1975-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0404, CVE-2020-13974, CVE-2020-27820, CVE-2021-0941, CVE-2021-20322, CVE-2021-26401, CVE-2021-29154, CVE-2021-3612, CVE-2021-3669, CVE-2021-37159, CVE-2021-3743, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-3772, CVE-2021-3773, CVE-2021-4002, CVE-2021-4037, CVE-2021-4083, CVE-2021-4157, CVE-2021-41864, CVE-2021-4197, CVE-2021-4203, CVE-2021-42739, CVE-2021-43389, CVE-2021-43976
SHA-256 | 76e7a83f67a9594d044f0555940c9cdc95fcacfd7cb6fe3ce07a4e4115106e22
Ubuntu Security Notice USN-5361-1
Posted Apr 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5361-1 - It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service. Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12888, CVE-2020-26141, CVE-2020-26145, CVE-2020-3702, CVE-2021-0920, CVE-2021-0935, CVE-2021-28964, CVE-2021-31916, CVE-2021-37159, CVE-2021-39636, CVE-2021-4083, CVE-2021-42739, CVE-2021-43976, CVE-2021-45486
SHA-256 | c315b3f99c654dc04603839d125f1fe9f0159f30ff823c00d323d0852627c9cf
Red Hat Security Advisory 2022-0595-02
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-20321, CVE-2021-23566, CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-42739, CVE-2021-43565, CVE-2022-0155, CVE-2022-0185, CVE-2022-20612, CVE-2022-20617
SHA-256 | 2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67b
Ubuntu Security Notice USN-5267-3
Posted Feb 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-3 - USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 4a5754d3205b26805abdee8471083dc8dc84e0eb92a3e64f7fad52257c035f4c
Ubuntu Security Notice USN-5267-2
Posted Feb 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-2 - USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 1fa802d233f94d6e25c95108667119d85ca0d36cae93f6c46bb286febc0cf8da
Ubuntu Security Notice USN-5268-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5268-1 - Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2021-20322, CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | b8ba9e5c3e6439e47e28cee9eee4587c8f0d9fce5daef2974af08b9d6e1a91e8
Ubuntu Security Notice USN-5267-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-1 - It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 60617003df6660f9983fff1c2b80b1947ece89928c93e406ca26afce7c3ebf67
Ubuntu Security Notice USN-5266-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5266-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-22600, CVE-2021-42739
SHA-256 | 9ba4147ccb5d95d45a49f7b9e0eac111cb9c9b306758eaa6f87e04a0bcc1f34e
Ubuntu Security Notice USN-5265-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-3640, CVE-2021-3752, CVE-2021-3772, CVE-2021-4001, CVE-2021-4090, CVE-2021-4093, CVE-2021-4202, CVE-2021-42327, CVE-2021-42739
SHA-256 | 7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1
Red Hat Security Advisory 2022-0236-04
Posted Jan 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0236-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-42739, CVE-2021-44832
SHA-256 | 3e5a6bec35c6856aa056bb4ac5262b34cdac38f80ac88be73be24efc217c752c
Red Hat Security Advisory 2022-0063-06
Posted Jan 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0063-06 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-42739
SHA-256 | c84c038c92bb6a1bc8473039834465b0179c88c022a2c76894a288c9ffd97cd5
Red Hat Security Advisory 2022-0065-05
Posted Jan 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0065-05 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-42739
SHA-256 | 40e4a0ec6d21c586409f55a567705f5d041db004a9c79906afa098e121353a07
Ubuntu Security Notice USN-5207-1
Posted Jan 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5207-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4001, CVE-2021-4002, CVE-2021-42739, CVE-2021-43267
SHA-256 | 63504dd3c2b3abff85b5c8960e3f39b8f7a1ce6773225176a4d31ae19837a516
Ubuntu Security Notice USN-5165-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5165-1 - It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface implementation. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3760, CVE-2021-3772, CVE-2021-42327, CVE-2021-42739, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389
SHA-256 | a0b01b9f4766a141e1c20c5d99e1ca222d00d4498a726851cff5f6c91eb4780c
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close