1101 matches found
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on the upstream 4.4.111 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.13 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KPTI. Note that according to AMD, this issue does not...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on the upstream 4.14.13 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...
Linux kernel memory misreference vulnerability (CNVD-2018-03260)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory misreference vulnerability exists in the network namespace code in the Linux kernel, which stems from the 'getnetnsbyid' function of the net/core/netnamespace...
Memory corruption
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
CVE-2017-15129
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
DEBIAN-CVE-2017-15129
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
CVE-2017-15129
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
CVE-2017-15129
CVE-2017-15129 describes a use-after-free in Linux kernel network namespaces: get_net_ns_by_id() may skip verifying net::count after locating a peer in netns_ids idr, enabling a double free and memory corruption. Affected: Linux kernel before 4.14.11; impact includes potential system crash and po...
CVE-2017-15129
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
UBUNTU-CVE-2017-15129
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c does not check for the net::count value after it has found a peer network in netnsids idr, which could lead to double free and memory...
CVE-2017-15129
A use-after-free vulnerability was found in a network namespaces code affecting the Linux kernel since v4.0-rc1 through v4.15-rc5. The function getnetnsbyid does not check for the net::count value after it has found a peer network in netnsids idr which could lead to double free and memory...
Virtuozzo 7 : readykernel-patch (VZA-2017-115)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Potential use-after-free in the processing of namespaces. Note that Tenable Network Security has extracted the precedi...
Important kernel security update: Virtuozzo ReadyKernel patch 40.0 for Virtuozzo 7.0.4 and 7.0.4 HF3
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4 and 3.10.0-514.16.1.vz7.30.15 Virtuozzo 7.0.4 HF3 Vulnerability id: PSBM-78904 Potential use-after-free in the processing of...
Important kernel security update: Virtuozzo ReadyKernel patch 40.0 for Virtuozzo 7.0.6
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6. Vulnerability id: PSBM-78904 Potential use-after-free in the processing of namespaces...
CVE-2017-17448
The net/netfilter/nfnetlinkcthelper.c function in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations. This allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net...
CVE-2017-17449
The netlinkdelivertapskb function in net/netlink/afnetlink.c in the Linux kernel through 4.14.4, when CONFIGNLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAPNETADMIN...
CVE-2017-17448
net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...
CVE-2017-17450
net/netfilter/xtosf.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for addcallback and removecallback operations, which allows local users to bypass intended access restrictions because the xtosffingers data structure is shared across all net namespaces...
DEBIAN-CVE-2017-17448
net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...