Headline

CVE-2021-3714

A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged.

2 years ago

CVE

Open in Source

#linux #pdf

%PDF-1.5 %� 7 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 8 0 R >> stream x��P(��endstream endobj 9 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 10 0 R >> stream x��P(��endstream endobj 11 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 12 0 R >> stream x��P(��endstream endobj 17 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 18 0 R >> stream x��P(��endstream endobj 20 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 21 0 R >> stream x��P(��endstream endobj 23 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 24 0 R >> stream x��P(��endstream endobj 26 0 obj << /Type /XObject /Subtype /Form /BBox [ 0 0 100 100 ] /Filter /FlateDecode /FormType 1 /Length 15 /Matrix [ 1 0 0 1 0 0 ] /Resources 27 0 R >> stream x��P(��endstream endobj 167 0 obj << /Filter /FlateDecode /Length 5194 >> stream xڵ[Y��F�~��GvD�Q��4�e�[c��o��j��/3Y�:6�/DV֝�w��o��o�}$�My�Iӛ��M�^D7i�xQ��nޯޖ�v(o�a�^�=�_��󩮶�P��<�b��p�Okn��,ǰ� �,77�8�2?�q_�PQ�z��oUt_�i��˓0�hAA�H��k�?v��[S݆��m�ʮ��’��{��ߦ��n�0��eQ��Ea.�yA^?[�?�� +��$�"�݄f��]�Q��+��sK��L��[�`�ŞJZ��k��p��=��K�h��mW ��_��ɹ��%6�&hQ��5��#Ϗ��^^MU�2�ݹ�ݛ1�f�f2ZA��̎W�=`��\�)��@yBk�Ef��f �’��l�]� �zDD� ��a��߮?[�� -ؔ��n�lE�-wZ�]�e9y��/�� i$�U��HQ퍟S��P�M�Ba0�j�V�m{zZ��μ�N��Ds��{#�1|��s/⼘��H�([��G��@�V��]�"kj��<�b�2KB� ��[hB��Ln�2qя��$��,T��|�[�=-7̣t$�D.�`�ʖ��K�Q��N��$+�ܬ��@gǨ�j��E�ed9�t(�cՔR��ʾl��X �G1wNz��K��(�Wz.ұL��՝�Xnz��c�P�/PxV�2?-�W�dp�|Iޑx&,��0r’�˃eT�Z�ڷ/��wh�E�8i�x��ṙ��p��Zz,zvU_l�=)��˼�N-A �U��>�|I��XPK��cg��.��{��(5�K��H�i��r’��ݖ=�J��.�8!�t�=�ZPM;�m��*#��|�4�]��Fہ��D��jh�4V̺l��$��飼��H/ȍvܕ��\�X0҂`� &=md�W�!5T��թ8��:d��4�.Z��]��ƪ��⣡J(�V��|��T�oMM��MjO� w��N��s��\��P�*$�hu��N+��t�X�’��5�}��c�0m�/��Ȳv�ΐ�:1�@C�Rڋ��T�gNi�{1�V2wT�u�͓m��`(��g;TGk=��o:�D[�I,�P�M9̬!dZ"K?� ��[�)�zG�n�$��9Խ=��W��K�Aզe}@��ѵ�@-�F��9��\.}I��:�l��ڨ��XL�D�3T- �T�#og[l2��WMӾx�I�_��S��!N��P4

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

1 year ago

Alexander V. Leonov

Open in Source