486 matches found
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results
If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmfwowlndresults function. This vulnerability can be exploited by compromised...
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results
If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmfwowlndresults function. This vulnerability can be exploited by compromised...
Buffer Overflows
kernel is vulnerable to buffer overflows. It causes brcmfmac heap buffer overflow in brcmfwowlndresults...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20190903)
Security Fixes: - kernel: hw: Spectre SWAPGS gadget vulnerability CVE-2019-1125 - kernel: brcmfmac heap buffer overflow in brcmfwowlndresults CVE-2019-9500 Bug Fixes: - mlx4 VXLAN over VLAN TCP segmentation - Race condition in /dev/sg due to missing synchronization causes corruption in RHV - pani...
RHEL 7 : kernel (RHSA-2019:2600)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2600 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: hw: Spectre SWAPGS gadget...
RHEL 7 : kernel-rt (RHSA-2019:2609)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2609 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1479)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-7191: In the tun subsystem devgetvalidname xwas not called before registernetdevice. This allowed local users to cause a denial of service NULL pointer dereferen...
Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. This updated advisory text adds a note about the need to install new binary packages. CVE-2018-5995 ADLab of VenusTech discovered that the kernel logge...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or,...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1407) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The openSUSE Leap 42.3 kernel was updated to 4.4.179 to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127:...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1404) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill...
CVE-2019-9503
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
UBUNTU-CVE-2019-9500
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmfwowlndresults...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0167)
The remote OracleVM system is missing necessary patches to address critical security updates : - Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' Brian Maly Orabug: 27037811 - xfs: use dedicated log worker wq to avoid deadlock with cil wq Brian Foster Orabug:...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3635)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3635 advisory. - scsi: scsitransportiscsi: fix the issue that iscsiifrx doesn't parse nlmsg properly Xin Long Orabug: 26988633 CVE-2017-14489 - ipv6: avoid overfl...
Unbreakable Enterprise kernel security update
4.1.12-103.9.2 - Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' Brian Maly Orabug: 27037811 4.1.12-103.9.1 - xfs: use dedicated log worker wq to avoid deadlock with cil wq Brian Foster Orabug: 27013241 - scsi: scsitransportiscsi: fix the issue that iscsiifrx...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3629)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3629 advisory. - brcmfmac: fix possible buffer overflow in brcmfcfg80211mgmttx Tim Tianyang Chen Orabug: 26943541 CVE-2017-7541 Tenable has extracted the preceding...
Unbreakable Enterprise kernel security update
4.1.12-103.7.3 - brcmfmac: fix possible buffer overflow in brcmfcfg80211mgmttx Tim Tianyang Chen Orabug: 26943541 CVE-2017-7541 4.1.12-103.7.2 - rebuild bumping release...
DEBIAN-CVE-2017-7541
The brcmfcfg80211mgmttx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted NL80211CMDFRAME Netlink packet...
UBUNTU-CVE-2017-7541
The brcmfcfg80211mgmttx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted NL80211CMDFRAME Netlink packet...