Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Untrusted input in kfifo_buf() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe chown() on a user-defined data
Background Information
Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09 https://www.insyde.com/security-pledge/SA-2042096
Consequences of the issue
This could lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe chown() on a user-defined data
Potential Impact of the Vulnerability
An attacker could cause a denial of service on the host system.
common pitfalls of chown() untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21
Dependency on Insyde Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Timeline
Published on: 11/15/2022 21:15:00 UTC
Last modified on: 11/23/2022 16:20:00 UTC