Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4660-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4660-1 advisory. It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An...

Ubuntu 20.10 : Linux kernel vulnerabilities (USN-4659-1)

The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4659-1 advisory. Several security issues were fixed in the Linux kernel. Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Not...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4657-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4657-1 advisory. Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attack...

MGASA-2020-0392 Updated kernel packages fix security vulnerabilities

A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use this flaw to crash the system causing denial of service or potentially execute arbitrary code on the system by sending a specially crafted L2CAP...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4576-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4576-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4578-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4578-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4527-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4527-1 advisory. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4439-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4439-1 advisory. It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An...

LSN-0069-1 Kernel Live Patch Security Notice

Relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result. CVE-2019-19462 Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Page...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4426-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4426-1 advisory. Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4425-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4425-1 advisory. It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some...

USN-4390-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose...

LSN-0068-1 Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

USN-4369-2 linux, linux-raspi2, linux-raspi2-5.3 regression

USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4368-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4368-1 advisory. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this t...

LSN-0066-1 Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4345-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4345-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondar...

SUSE-SU-2020:1118-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a...

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-29592 Potential Impact: Denial of service, privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2013-4312, CVE-2013-7446, CVE-2014-3631, CVE-2014-5206, CVE-2014-5207, CVE-2014-6410, CVE-2014-7145, CVE-2014-782...

MGASA-2020-0158 Updated kernel-linus packages fix security vulnerabilities

This update is based on upstream 5.5.15 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...