kernel: use-after-free in sound/core/timer.c

A memory flaw was found in the ALSA subsystem of the Linux kernel. The struct sndtimerinstance function fails the timer-maxinstances check leading to an invalid address. This could lead to a use-after-free vulnerability...

OSV-2020-510 UNKNOWN READ in ot::Timer::GetFireTime

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13390 Crash type: UNKNOWN READ Crash state: ot::Timer::GetFireTime ot::Timer::DoesFireBefore ot::TimerScheduler::Add...

kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body

A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler...

CVE-2019-20812

A flaw was found in the way the afpacket functionality in the Linux kernel handled the retirement timer setting for TPACKETv3 when getting settings from the underlying network device errors out. This flaw allows a local user who can open the afpacket domain socket and who can hit the error path, ...

kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body

A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler...

Important: kernel-livepatch-4.14.173-137.228

Issue Overview: An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody.CVE-2020-12657 Affected Packages: kernel-livepatch-4.14.173-137.228 Issue Correction: Please ensure you have live patching enabled. Run yum...

Linux kernel resource management error vulnerability (CNVD-2020-37937)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the 'bfqidleslicetimerbody' function in the block/bfq-iosched.c file in versions of Linux kernel prior to 5.6.5,...

DEBIAN-CVE-2020-12657

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody...

UBUNTU-CVE-2020-12657

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody...

Kernel update: Virtuozzo ReadyKernel patch 104.1 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0, 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5, 3.10.0-862.20.2.vz7.73.29 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5,...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. On 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to setup a large interval value, forcing the timer expir...

You cannot run a Windows 8-based or Windows Server 2012-based virtual machine in Windows Server 2008 R2

You cannot run a Windows 8-based or Windows Server 2012-based virtual machine in Windows Server 2008 R2 Symptoms Assume that you have the Hyper-V server role installed on a computer that is running Windows Server 2008 R2. Additionally, you create a virtual machine that is running Windows 8 or...

High CPU load on a Windows Server 2012 R2-based server because NAT keep-alive timer isn't cleaned up

High CPU load on a Windows Server 2012 R2-based server because NAT keep-alive timer isn't cleaned up This article describes an issue in which high CPU load occurs on a Windows Server 2012 R2-based server. Before you install this update, see the Prerequisites section. Symptoms Assume that a VPN...

Virtual machines don't respond to your operation in SCVMM in Windows Server 2012 R2

Virtual machines don't respond to your operation in SCVMM in Windows Server 2012 R2 This article describes an issue in which virtual machines VM don't respond to your operation in System Center 2012 R2 Virtual Machine Manager SCVMM in Windows Server 2012 R2. Before you install this update, see th...

EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1368)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can...

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2020:0375 An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1370)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4227-2: Linux kernel (Azure) vulnerabilities

USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...