CVE-2019-9259

In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-1125: Fix Spectre V1 variant memory disclosure by speculation over the SWAPGS instruction bsc1139358. - CVE-2019-10207: A NULL pointer dereference was possible i...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-1125: Fix Spectre V1 variant memory disclosure by speculation over the SWAPGS instruction bsc1139358. - CVE-2019-10207: A NULL pointer dereference was possible i...

OPENSUSE-SU-2019:1924-1 Security update for the Linux Kernel

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-1125: Fix Spectre V1 variant memory disclosure by speculation over the SWAPGS instruction bsc1139358. - CVE-2019-10207: A NULL pointer dereference was possible in...

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

Amazon Linux AMI : kernel (ALAS-2019-1201)

A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission can create a...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1302)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and...

SUSE-SU-2019:0784-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc1129179. - CVE-2019-9213: expanddownwards in mm/mmap.c lacks a...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:0140-1 Rating: important References: 1012382 1015336 1015337 1015340 1019683 1019695 1020645 1023175 1027260 1031492 1043083 1047487 1065600 1068032 1070805 1079935 1086423 1087082 1091405 1094244...

OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)

The remote OracleVM system is missing necessary patches to address critical security updates : - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao CVE-2017-18203 - drm: udl: Properly check framebuffer mmap offsets Greg Kroah-Hartman Orabug: 27986407 CVE-2018-8781 - kernel/exit.c: avoid...

kernel: Stack information leak in the EFS element

A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space...

MS08-030: Vulnerability in Bluetooth stack could allow remote code execution

MS08-030: Vulnerability in Bluetooth stack could allow remote code execution Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For more information, refer to this...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2792-1) (BlueBorne)

This update for the Linux Kernel 3.12.74-606454 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2796-1) (BlueBorne)

This update for the Linux Kernel 3.12.74-606457 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...

SUSE-SU-2017:2800-1 Security update for Linux Kernel Live Patch 10 for SLE 12 SP2

This update for the Linux Kernel 4.4.74-9229 fixes several issues. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel BlueZ was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remo...

SUSE-SU-2017:2799-1 Security update for Linux Kernel Live Patch 8 for SLE 12 SP2

This update for the Linux Kernel 4.4.59-9220 fixes several issues. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel BlueZ was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remo...

SUSE-SU-2017:2802-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel BlueZ was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote...

SUSE-SU-2017:2794-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP3

This update for the Linux Kernel 4.4.82-63 fixes one issue. The following security issue was fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel BlueZ was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code...