USN-4946-1: Linux kernel vulnerabilities

It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-20292 Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan ...

USN-4947-1: Linux kernel (OEM) vulnerabilities

Kiyin 尹亮 discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-35519 It was discovered that the fastrpc driver i...

USN-4947-1 linux-oem-5.6 vulnerabilities

Kiyin 尹亮 discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-35519 It was discovered that the fastrpc driver i...

USN-4945-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

USN-4945-1: Linux kernel vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

USN-4904-1 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities

Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. CVE-2015-1350 Andrey Konovalov discovered that the video4linux driver for Hauppauge HD PV...

USN-4904-1: Linux kernel vulnerabilities

Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. CVE-2015-1350 Andrey Konovalov discovered that the video4linux driver for Hauppauge HD PV...

[SECURITY] Fedora 31 Update: xawtv-3.107-2.fc31

Xawtv is a simple xaw-based TV program which uses the bttv driver or video4linux. Xawtv contains various command-line utilities for grabbing images and .avi movies, for tuning in to TV stations, etc. Xawtv also includes a grabber driver for vic...

Fedora: Security Advisory for xawtv (FEDORA-2020-93db553bb7)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: xawtv-3.107-1.fc32

Xawtv is a simple xaw-based TV program which uses the bttv driver or video4linux. Xawtv contains various command-line utilities for grabbing images and .avi movies, for tuning in to TV stations, etc. Xawtv also includes a grabber driver for vic...

Fedora: Security Advisory for xawtv (FEDORA-2020-cd5ad916e4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4147-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4147-1 advisory. It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup TDLS. A physically...

UBUNTU-CVE-2016-2477

mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or...

DEBIAN-CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

openSUSE Security Update : kernel (openSUSE-SU-2010:1047-1)

This security update of the openSUSE 11.1 kernel updates the kernel to 2.6.27.56 and fixes various security issues and other bugs. Following security issues were fixed by this update: CVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device...

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3433 / 3436 / 3445)

This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs. Following security bugs were fixed : - A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kern...

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3462 / 3463)

This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs. Following security bugs were fixed : - A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kern...

Memory corruption

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux V4L implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain...

CVE-2010-2963

CVE-2010-2963 affects the Linux kernel’s Video4Linux (V4L) implementation on x86_64, where a flaw in the v4l2-compat ioctl32 code fails to validate the destination of a memory copy, enabling a local user to write arbitrary kernel memory via VIDIOCSTUNER on a /dev/video device followed by VIDIOCSM...

openSUSE Security Update : kernel (openSUSE-SU-2010:0919-1)

This update of the openSUSE 11.2 Linux kernel fixes two critical security issues and some bugs. Following security issues were fixed: CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain root privileges. CVE-2010-2963: A problem in the compat ioctl handling i...