CVE-2021-33642
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Devamını oku
CVE-2021-33641
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33640
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free). Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33639
REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33638
When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33637
When the isula export command is used to export a container to an image and the container is controlled by an attacker, the attacker can escape the container. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33636
When the isula load command is used to load malicious images, attackers can execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33635
When malicious images are pulled by isula pull, attackers can execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33634
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-33627
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. Devamını Oku
CVE-2021-33626
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the PnpSmm, SmmResourceCheckDxe, and BeepStatusCode drivers are 05.08.23, 05.16.23, 05.26.23, 05.35.23, 05.43.23, and 05.51.23 (for Kernel 5.0 through…
CVE-2021-33625
An issue was discovered in Kernel 5.x (starting from 5.1) in Insyde InsydeH2O, has a SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. Devamını Oku