Canonical Ubuntu apport Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the apport package...

USN-4369-2: Linux kernel regression

USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

USN-4369-2 linux, linux-raspi2, linux-raspi2-5.3 regression

USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

USN-4369-1: Linux kernel vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...

USN-4369-1 linux, linux-aws, linux-aws-5.3, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2 vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...

USN-4368-1: Linux kernel vulnerabilities

Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...

USN-4368-1 linux-gke-5.0, linux-oem-osp1 vulnerabilities

Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. CVE-2019-19769 It was discovered that the Serial CAN interface driver in the Linux...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it...

openSUSE: Security Advisory for qemu (openSUSE-SU-2019:2510-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:2510-1 Security update for qemu

This update for qemu fixes the following issues: qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. CVE-2018-20126 bsc1119991, CVE-2019-14378 bsc1143794, and CVE-2019-15890 bsc1149811...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2955-1)

This update for qemu fixes the following issues : qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. CVE-2018-20126 bsc1119991, CVE-2019-14378 bsc1143794, and CVE-2019-15890 bsc1149811...

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2019:2059-1 Rating: important References: 1079730 1098403 1111025 1119115 1134883 1135902 1136540 1136778 1140402 1143794 Cross-References: CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 Affected Products: openSUSE Leap...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2246-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. CVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources bsc1135902. CVE-2019-13164: Security fix fo...

The vulnerability of the File Locking Services component in the Solaris operating system allows a hacker to trigger a service failure.

The vulnerability of the File Locking Services component in the Solaris operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

Design/Logic Flaw

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

Oracle Solaris Critical Patch Update : apr2019_SRU11_4_6_4_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows...

UBUNTU-CVE-2018-14624

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in logerroremergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd t...