CVE-2023-54170

In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up creating a duplicate index key in the assocarray of the destination...

NULL Pointer Dereference

Linux kernel is vulnerable to NULL pointer dereference attacks. This is due to mishandling of node-splitting in assocarray implementation in assocarrayinsertintoterminalnode function in lib/assocarray.c. A local users could cause a denial of service via a crafted application, as demonstrated by t...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0017) (Meltdown)

The remote OracleVM system is missing necessary patches to address critical security updates : - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4025)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4025 advisory. - dccp: CVE-2017-8824: use-after-free in DCCP code Mohamed Ghannam Orabug: 27290300 CVE-2017-8824 - ALSA: pcm: prevent UAF in sndpcminfo Robb Glass...

Unbreakable Enterprise kernel security update

4.1.12-112.14.14 - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabug: 26988581 - x86/IBRS: Drop unnecessary WRITEONCE Boris Ostrovsky Orabug:...

kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation

A flaw was found in the Linux kernel's implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assocarrayapplyedit due to incorrect node-splitting in assocarray...

openSUSE Security Update : the Linux Kernel (openSUSE-2017-1391) (Dirty COW)

The openSUSE Leap 42.3 kernel was updated to 4.4.103 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash bnc1069496. -...

Oracle Linux 7 : kernel (ELSA-2014-1971)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1971 advisory. - alsa control: Make sure that id-index does not overflow Jaroslav Kysela 1117313 1117314 CVE-2014-4656 - alsa control: Handle numid overflow Jaroslav...

DEBIAN-CVE-2014-3631

The assocarraygc function in the associative-array implementation in lib/assocarray.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified othe...