Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 https://www.insyde.com/security-pledge/SA-2042096

Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096

Untrusted input in kfifo_buf() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096

Unsafe chown() on a user-defined data

Background Information

Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09 https://www.insyde.com/security-pledge/SA-2042096

Consequences of the issue

This could lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096

Unsafe chown() on a user-defined data

Potential Impact of the Vulnerability

An attacker could cause a denial of service on the host system.

common pitfalls of chown() untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21

Dependency on Insyde Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096


Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096

Timeline

Published on: 11/15/2022 21:15:00 UTC
Last modified on: 11/23/2022 16:20:00 UTC

References