1049 matches found
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.103 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash bnc1069496. -...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3657 advisory. - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 26675925 CVE-2017-7889 - more biomapuseriov leak fixes Al Viro Orabug: 27069042...
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
DEBIAN-CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
Design/Logic Flaw
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
CVE-2017-1000410
Summary of CVE-2017-1000410 (Linux kernel info leak) : The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
UBUNTU-CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
Linux Kernel 'bnep_add_connection' function local elevation of privilege vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'bnepaddconnection' function of the net/bluetooth/bnep/core.c file in versions of the Linux kernel prior to 3.19, which stems fr...
UBUNTU-CVE-2017-15868
The bnepaddconnection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2793-1) (BlueBorne)
This update for the Linux Kernel 3.12.74-606448 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...
Oracle Linux 7 : kernel (ELSA-2017-2930-1) (BlueBorne)
Description of changes: - 3.10.0-693.5.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petrenko at oracle.com - Update...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2796-1) (BlueBorne)
This update for the Linux Kernel 3.12.74-606457 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2781-1) (BlueBorne)
This update for the Linux Kernel 3.12.61-5283 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial ...
Oracle Linux 7 : kernel (ELSA-2017-2930)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2930 advisory. - net tcp: initialize rcvmss to TCPMINMSS instead of 0 Davide Caratti 1488341 1487061 CVE-2017-14106 - net tcp: fix 0 divide in tcpselectwindow Davide...