Solaris 10 (sparc) : 139555-08

SunOS 5.10: Kernel Patch. Date this patch was last updated by Sun : May/07/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 10 (x86) : 139556-08

SunOS 5.10x86: Kernel Patch. Date this patch was last updated by Sun : May/07/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Unbreakable Enterprise kernel security update

4.1.12-112.14.11 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27363926 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27369994 - x86/IBRS: Make sure we restore...

Anti-Virus Updates Required Ahead of Microsoft’s Meltdown, Spectre Patches

Microsoft said it is holding off delivering security updates to Windows PCs for Spectre and Meltdown CPU flaws until hosted anti-virus software confirms it does not make unsupported calls into Windows kernel memory. Affected are PCs running certain AV products that bypass Windows built-in Kernel...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash)

The SUSE Linux Enterprise 12 SP1 LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of...

DEBIAN-CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.1 for Virtuozzo 7.0.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 Virtuozzo 7.0.5. Vulnerability id: CVE-2017-1000111 A race condition issue leading to a use-after-free flaw was found in the way the raw packet...

SUSE-SU-2017:2103-1 Security update for Linux Kernel Live Patch 20 for SLE 12

This update for the Linux Kernel 3.12.61-5269 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote...

Kernel security update: CVE-2017-7472 and other; Virtuozzo ReadyKernel patch 19.1 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-7472 It was found that...

Oracle VM VirtualBox - virtio-net Guest-to-Host Out-of-Bounds Write

Oracle VM VirtualBox - virtio-net Guest-to-Host Out-of-Bounds Write Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1136 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to...

VirtualBox Guest-To-Host Out-Of-Bounds Write Exploit

Exploit for multiple platform in category dos / poc VirtualBox: guest-to-host out-of-bounds write via virtio-net CVE-2017-3575 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to write up to 4G...

MGASA-2016-0281 Updated ctdb packages fix security vulnerability

The kernel fix for CVE-2015-8543 uncovered a bug in ctdb, leading to broken clusters. The ctdb package has been patched to fix this issue...

CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

UBUNTU-CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

SUSE-SU-2016:0434-1 Security update for kernel live patch 1

This kernel live patch for Linux Kernel 3.12.32-33.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in the...

SUSE-SU-2016:0386-1 Security update for kernel live patch 6

This kernel live patch for Linux Kernel 3.12.44-52.10.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in t...

SUSE-SU-2016:0380-1 Security update for kernel live patch 3

This kernel live patch for Linux Kernel 3.12.38-44.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in the...

SUSE-SU-2016:0383-1 Security update for kernel live patch 5

This kernel live patch for Linux Kernel 3.12.43-52.6.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in th...

SUSE-SU-2015:1488-1 Live patch for the Linux Kernel

This update contains a kernel live patch for the 3.12.36-38 SUSE Linux Enterprise Server 12 Kernel, fixing following security issues. - CVE-2015-3339: A race condition in the preparebinprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid progr...

kernel: net: sctp: fix panic on duplicate ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...