100 matches found
GSD-2022-1006205 ALSA: timer: Use deferred fasync helper
ALSA: timer: Use deferred fasync helper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...
PT-2022-34018 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.138 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versio...
PT-2022-34206 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...
GSD-2022-1005468 ALSA: timer: Use deferred fasync helper
ALSA: timer: Use deferred fasync helper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...
PT-2022-33726 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...
PT-2022-33330 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the ALSA timer and the use of a deferred fasync helper. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or...
USN-4227-2: Linux kernel (Azure) vulnerabilities
USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4227-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4227-1 advisory. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attack...
OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)
The remote OracleVM system is missing necessary patches to address critical security updates : - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao CVE-2017-18203 - drm: udl: Properly check framebuffer mmap offsets Greg Kroah-Hartman Orabug: 27986407 CVE-2018-8781 - kernel/exit.c: avoid...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3658)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3658 advisory. - ping: implement proper locking Eric Dumazet Orabug: 26540288 CVE-2017-2671 - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 266759...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3657 advisory. - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 26675925 CVE-2017-7889 - more biomapuseriov leak fixes Al Viro Orabug: 27069042...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
Oracle Linux 7 : kernel (ELSA-2017-3315)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3315 advisory. - sound alsa: timer: Use common error handling code in alsatimerinit Jaroslav Kysela 1465998 1465999 CVE-2017-1000380 - sound alsa: timer: Adjust a condition...
RHEL 7 : kernel (RHSA-2017:3315)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3315 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues a...
kernel: information leak due to a data race in ALSA timer
It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users...
kernel: information leak due to a data race in ALSA timer
It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users...
CVE-2017-1000380
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same ti...
OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0163)
The remote OracleVM system is missing necessary patches to address critical security updates : - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 -...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3644)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3644 advisory. - acpi: Disable ACPI table override if securelevel is set Linn Crosetto Orabug: 25058966 CVE-2016-3699 - aacraid: Check size values after...