13 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-13053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The alarmtimernsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-2307)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...
USN-4118-1 linux-aws vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...
USN-4094-1 linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...
USN-4094-1: Linux kernel vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...
Unbreakable Enterprise kernel security update
2.6.39-400.307.1 - proc: restrict kernel stack dumps to root John Donnelly Orabug: 29114880 CVE-2018-17972 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269182 CVE-2018-13053 - ext4: only look at the bgflags field if it is valid Theodore Ts'o Orabug: 29409428...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.31.1 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269167 CVE-2018-13053 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 29304552 CVE-2017-17807 - KEYS: add missing permission check for requestkey destination...
Unbreakable Enterprise kernel security update
4.14.35-1844.2.5 - x86/apic: Switch all APICs to Fixed delivery mode Thomas Gleixner Orabug: 29262403 4.14.35-1844.2.4 - x86/platform/UV: Add check of TSC state set by UV BIOS [email protected] Orabug: 29205471 - x86/tsc: Provide a means to disable TSC ART [email protected] Orabug: 29205471 -...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3821-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3821-2 advisory. USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3821-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3821-1 advisory. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An...
USN-3821-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not...
USN-3821-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash. CVE-2018-10880 It...
USN-3821-1: Linux kernel vulnerabilities
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash. CVE-2018-10880 It...