356 matches found
USN-4591-1 linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4, linux-snapdragon vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
Denial Of Service (DoS)
The kernel packages is vulnerable to Denial of Service DoS. It is due to instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...
Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. This updated advisory text adds a note about the need to install new binary packages. CVE-2018-5995 ADLab of VenusTech discovered that the kernel logge...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3657 advisory. - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 26675925 CVE-2017-7889 - more biomapuseriov leak fixes Al Viro Orabug: 27069042...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
BSA-2017-431
Security Advisory ID : BSA-2017-431 Component : Kernel Revision : 3.0: Interim A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the...
Unbreakable Enterprise kernel security update
2.6.39-400.297.8 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796428 CVE-2017-1000251 2.6.39-400.297.7 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645562 CVE-2017-12134 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638926...
USN-3419-2 linux-hwe vulnerabilities
USN-3419-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel wh...
Wireshark Bluetooth L2CAP Parser Denial of Service Vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A denial-of-service vulnerability exists in the Wireshark Bluetooth L2CAP parser, which...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1216-1)
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...
[USN-1211-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1211-1 September 21, 2011 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu 11.04 : linux vulnerabilities (USN-1211-1)
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
USN-1211-1: Linux kernel vulnerabilities
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
Ubuntu Update for linux USN-1201-1
Ubuntu Update for Linux kernel vulnerabilities USN-1201-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12011.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1201-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu Update for linux-lts-backport-maverick USN-1205-1
Ubuntu Update for Linux kernel vulnerabilities USN-1205-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12051.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1205-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1205-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for linux-mvl-dove USN-1203-1
Ubuntu Update for Linux kernel vulnerabilities USN-1203-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12031.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-mvl-dove USN-1203-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1208-1)
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...
USN-1208-1: Linux kernel (Marvel DOVE) vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...
Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1205-1)
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...