47 matches found
CLSA-2022-1643637294 Fix CVE(s): CVE-2021-38198
CVE-2021-38198 - ELSCVE-686: KVM: MMU: return page fault error code from permissionfault - ELSCVE-686: kvm: x86: MMU support for EPT accessed/dirty bits - ELSCVE-686: KVM: nVMX: fix EPT permissions as reported in exit qualification - ELSCVE-686: KVM: X86: MMU: Use the correct inherited permission...
kernel: mm: memcontrol: slab: fix obtain a reference to a freeing memcg
In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use objcgroup APIs to charge kmem pages", v5. Since Roman's series "The new cgroup slab memory controller" applied. All slab objects are charged with t...
kernel: slab-out-of-bounds read in fbcon
An out-of-bounds OOB SLAB memory access flaw was found in the Linux kernel's fbcon driver module. A bounds check failure allows a local attacker with special user privileges to gain access to out-of-bounds memory, leading to a system crash or leaking of internal kernel information. The highest...
Important: kernel-livepatch-4.14.177-139.253
Issue Overview: In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call. CVE-2019-19319 Affected...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Information Disclosure
Linux kernel is vulnerable to information disclosure attacks. A local user could exploit a flaw in the inetdiagmsgsctpaddrsfill, inetdiagmsgsctpladdrsfill, and sctpgetsctpinfo functions in 'net/sctp/sctpdiag.c' to obtain potentially sensitive information in portions of slab memory on the target...
CVE-2019-11683
udpgroreceivesegment in net/ipv4/udpoffload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service slab-out-of-bounds memory corruption or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka t...