PT-2019-3982 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.8 Description: The issue is related to a memory leak in the komeda wb connector add function, which can cause a denial of service due to memory consumption. This can be triggered by failures in drm writeback...

kernel security and bug fix update

3.10.0-957.12.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.1 - kernel locking/rwsem: Fix possible missed wakeup Waiman Long 1690323...

Null pointer dereference

When an atomic commit is issued on a writeback panel with a NULL outputlayer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

Microsoft Azure AD Connect Privilege Elevation Vulnerability (4033453)

This host is missing an important security update according to Microsoft Security Advisory 4033453 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

Privilege escalation

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

CVE-2017-8613 concerns Microsoft Azure AD Connect Password writeback. When the password writeback feature is misconfigured during enablement, an attacker could abuse the permission model to reset passwords and gain unauthorized access to arbitrary on‑premises AD privileged user accounts. The vuln...

Microsoft Security Advisory 4033453: Vulnerability in Azure AD Connect Could Allow Elevation of Privilege

The version of Azure Active Directory AD Connect installed on the remote Windows host is prior to 1.1.553.0, and the password writeback setting is enabled. It is, therefore, affected by an elevation of privilege vulnerability due to improper permissions being granted when enabling the password...

Microsoft Issues 'Important' Security Fix for Azure AD Connect

Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory 4033453 was issued Tuesday via Microsoft’s TechNet website for the vulnerabili...

kernel: Null pointer dereference in trace_writeback_dirty_page()

A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at tracewritebackdirtypage, because aiofsbackingdevinfo.dev is 0...

PT-2016-5354 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.4 Description: The issue is related to the trace writeback dirty page implementation in the Linux kernel, which improperly interacts with mm/migrate.c. This can be exploited by local users to cause a denial of...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)

An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. CVE-2014-3917, Moderate...

CentOS 5 : kernel (CESA-2014:1143)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

openSUSE Security Update : kernel (openSUSE-SU-2014:0204-1)

The Linux kernel was updated to fix various bugs and security issues : - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...

KM-2004-01: Cross-Site Scripting in Blosxom writeback

Security Advisory KM-2004-01: Cross-Site Scripting in Blosxom writeback Affected Application: Blosxom http://www.blosxom.com Severity: Medium to high typical XSS impacts Introduction: Blosxom, a weblog tool, has an optionally-installable plugin commonly used for allowing users to post comments or...