NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0050)

The remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - basesockcreate in drivers/isdn/mISDN/socket.c in the AFISDN network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that...

CVE-2020-7452

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and...

CVE-2020-7452

Removed by vendor...

CVE-2019-17056

llcpsockcreate in net/nfc/llcpsock.c in the AFNFC network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176...

CVE-2019-17052

ax25create in net/ax25/afax25.c in the AFAX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768...

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 Versions 7.0 and prior, Quantum processors with integrated Ethernet – 140CPU65xxxxx all Versions, and Premium processors with integrated Ethernet all Versions, which...

CVE-2020-7477

CVE-2020-7477 affects Schneider Electric/Quantum hardware: Quantum Ethernet Network module 140NOE771x1 (versions 7.0 and prior); Quantum processors with integrated Ethernet 140CPU65xxxxx (all versions); and Premium processors with integrated Ethernet (all versions). The vulnerability is a CWE-754...

Oracle Linux 6 : kernel (ELSA-2020-0790)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0790 advisory. - isdn mISDN: enforce CAPNETRAW for raw sockets Andrea Claudi 1779473 CVE-2019-17055 - net cfg80211: wext: avoid copying malformed SSIDs Jarod Wilson...

CVE-2019-17054

atalkcreate in net/appletalk/ddp.c in the AFAPPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-15916: Fixed a memory leak in registerqueuekobjects which might have led denial of service bsc1149448. CVE-2019-0154: Fixed an improper access control...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4871)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4871 advisory. - ieee802154: enforce CAPNETRAW for raw sockets Allen Pais Orabug: 30444947 CVE-2019-17053 - mISDN: enforce CAPNETRAW for raw sockets Ori Nimron...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2283)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A memory leak in the af9005identifystate function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to...

Linux kernel memory corruption vulnerability (CNVD-2019-42788)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the ax25create function in the net/ax25/afax25.c file in the AFAX25 network module in Linux kernel 5.3.2 and earlier. An attacker ca...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2503)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. bsc1135966 -...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2947-1)

The SUSE Linux Enterprise 15-SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exceptio...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2953-1)

The SUSE Linux Enterprise 15-SP1 Azure Kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2444)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-16995: A memory leak exits in hsrdevfinalize in net/hsr/hsrdevice.c. if hsraddport fails to add a port, which may cause denial of service, aka CID-6caabe7f197d...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:2444-1 Rating: important References: 1046299 1046303 1046305 1050244 1050536 1050545 1051510 1055186 1061840 1064802 1065600 1066129 1073513 1082635 1083647 1086323 1087092 1089644 1093205 1097583...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2017-18595: A double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c bnc1149555. CVE-2019-14821: An out-of-bounds acce...