CVE-2020-12364

Null pointer reference in some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access...

Vulnerability fixed in DNS implementations

Researchers have discovered a vulnerability in a number of DNS implementations. The researchers have named the vulnerability SAD DNS, an acronymmm for Side-channel AttackeD DNS. This vulnerability has since been given CVE attribute CVE-2020-25705. The vulnerability allows a malicious party to rou...

CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

Pixel Update Bulletin—February 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2020-02-05 or later address all issues in this bulletin and all issues in the February 2020 Android...

Kernel update: Virtuozzo ReadyKernel patch 95.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernel 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5. Vulnerability id: PSBM-100118 scsi: printing lots of messages about rejected I/O causes a hard lockup a...

Kernel update: Virtuozzo ReadyKernel patch 92.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozz...

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

UBUNTU-CVE-2019-15792

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace calls fdgetoldfd, then without further checks passes the resulting file into shiftfsrealfdget, which casts file-privatedata, a void that points to a filesystem-depende...

Ubuntu ubuntu-aufs-modified mmap_region() Refcounting Issue

Ubuntu: ubuntu-aufs-modified mmapregion breaks refcounting in overlayfs/shiftfs error path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c:...

Important kernel security update: Virtuozzo ReadyKernel patch 89.2 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.46.7 Virtuozzo 7.0.7 HF2, 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8...

FreeBSD-SA-19:23.midi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:23.midi Security Advisory The FreeBSD Project Topic: kernel memory disclosure from /dev/midistat Category: core Module: sound Announced: 2019-08-20 Credits:...

Linux - Use-After-Free via race Between modify_ldt() and #BR Exception

Linux - Use-After-Free via race Between modifyldt and BR Exception / When a BR exception is raised because of an MPX bounds violation, Linux parses the faulting instruction and computes the linear address of its memory operand. If the userspace instruction is in 32-bit code, this involves looking...

Kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0 Update 10

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernel 3.10.0-957.10.1.vz7.85.17 Virtuozzo 7.0 Update 10. Vulnerability id: PSBM-94535 It was discovered that a certain sequence of operations related to IPv4 routing could trigger a...

SUSE-SU-2019:0767-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Server 12 SP4 Azure kernel was updated to fix various issues. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc1129179. - CVE-2019-9213: expanddownwards in mm/mmap.c lacked a...

Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference

kvmioctlcreatedevice contains the following code: dev = kzallocsizeofdev, GFPKERNEL; if !dev return -ENOMEM; dev-ops = ops; dev-kvm = kvm; mutexlock&kvm-lock; ret = ops-createdev, cd-type; if ret lock; kfreedev; return ret; listadd&dev-vmnode, &kvm-devices; mutexunlock&kvm-lock; if ops-init...

Linux - kvm_ioctl_create_device() NULL Pointer Dereference

Linux - kvmioctlcreatedevice NULL Pointer Dereference kvmioctlcreatedevice contains the following code: dev = kzallocsizeofdev, GFPKERNEL; if !dev return -ENOMEM; dev-ops = ops; dev-kvm = kvm; mutexlock&kvm-lock; ret = ops-createdev, cd-type; if ret lock; kfreedev; return ret; listadd&dev-vmnode,...

Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit

Exploit for linux platform in category local exploits Linux - VMA Use-After-Free via Buggy vmacacheflushall Fastpath Exploit Since commit 615d6e8756c8 "mm: per-thread vma caching", first in 3.15, Linux has per-task VMA caches that contain up to four VMA pointers for fast lookup. VMA caches are...

Important kernel security update: CVE-2017-18344; Virtuozzo ReadyKernel patch 56.0 for all supported Virtuozzo 7.0 kernels

The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo 7.0 kernels. Vulnerability id: CVE-2017-18344 The implementation of timercreate system call in the Linux kernel before 4.14.8 doesn't properly validate the sigevent::sigevnotif...

CVE-2017-18344

The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function. Mitigation Attached to this bugzilla is a systemtap script that will prevent opening an...

Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.1, 7.0.3, 7.0.5, 7.0.6, and 7.0.6 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo 7.0 kernels 3.10.0-327.42.0.vz7.18.7 7.0.1, 3.10.0-327.42.0.vz7.20.18 7.0.3, 3.10.0-514.26.1.vz7.33.22 7.0.5, 3.10.0-693.1.1.vz7.37.30 7.0.6, and 3.10.0-693.11.6.vz7.40.4 7.0.6...