Debian Bug report logs -
#980007
tcmu: CVE-2021-3139
Package:
src:tcmu;
Maintainer for src:tcmu is Freexian Packaging Team <team+freexian@trackerdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 12 Jan 2021 20:18:01 UTC
Severity: grave
Tags: security, upstream
Found in version tcmu/152 ...
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks
CVE-2020-27815
A flaw was reported in the JFS filesystem code allowing a local
attacker with the ability to set extended attributes to cause a
denial of service
CVE-2020-27825
Adam pi3 Z ...
A use-after-free flaw was found in kernel/trace/ring_bufferc in Linux kernel (before 510-rc1) There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS) This flaw could even allow a local attacker with special user privilege to a kernel information leak threat ...
In drivers/target/target_core_xcopyc in the Linux kernel before 5107, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3 For example, an attack can occur over a network if the attacker has access to one iSCSI LUN T ...
A flaw was found in the JFS filesystem code This flaw allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (CVE-2020-27815)
A flaw was found in the Linu ...
A use-after-free flaw was found in kernel/trace/ring_bufferc in Linux kernel (before 510-rc1) There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS) This flaw could even allow a local attacker with special user privilege to a kernel information leak threat ...
A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store The highest threat from this vulner ...
A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store The highest threat from this vulner ...
A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store The highest threat from this vulner ...
A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store The highest threat from this vulner ...