CVE-2021-4090

Related Files

Ubuntu Security Notice USN-5527-1

Posted Jul 20, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5527-1 - It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information disclosure. It was discovered that Checkmk incorrectly handled certain inputs. An attacker could use these cross-site scripting issues to inject arbitrary html or javascript code to obtain sensitive information including user information, session cookies and valid credentials.

tags | advisory, arbitrary, javascript, xss, info disclosure

systems | linux, ubuntu

advisories | CVE-2017-14955, CVE-2021-40906, CVE-2022-24565

SHA-256 | 45daf753e998edd792b4728e6f35f35c6493b1e6cc974ee1082da7f33c59b2dc

Download | Favorite | View

Ubuntu Security Notice USN-5362-1

Posted Apr 1, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5362-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2021-4083, CVE-2021-4090, CVE-2021-4155, CVE-2021-42327, CVE-2022-0001, CVE-2022-0185, CVE-2022-0330, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0742, CVE-2022-0847, CVE-2022-22942, CVE-2022-23222, CVE-2022-23960, CVE-2022-25636

SHA-256 | 15aee9355fdfa4005c244c11432f609c7d439bd4c9e2bb1fc22da50bd8c0cbbd

Download | Favorite | View

Ubuntu Security Notice USN-5265-1

Posted Feb 3, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2020-27820, CVE-2021-3640, CVE-2021-3752, CVE-2021-3772, CVE-2021-4001, CVE-2021-4090, CVE-2021-4093, CVE-2021-4202, CVE-2021-42327, CVE-2021-42739

SHA-256 | 7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1

Download | Favorite | View

Ubuntu Security Notice USN-5217-1

Posted Jan 11, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5217-1 - It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2021-4090

SHA-256 | 33416da69c07925753e4dd155ea2d3da8c14e95aa648b39481c4bc7f778617d3

Download | Favorite | View