kernel: soft lockup on aio

It was found that due to excessive fileslock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2015:0290 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 7. This is the first regul...

DEBIAN-CVE-2014-8172

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...

CVE-2014-8172

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...

UBUNTU-CVE-2014-8172

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...

Command Execution Vulnerability in Youyou's Email System of Shenzhen Hechen Communication Technology Co.

Shenzhen Hechen Communication Technology Co., Ltd. Youyou mail system is a modern enterprise to set up a professional e-mail service of a set of overall solutions, the mail system not only provides the conventional e-mail functions, but also extends the e-mail monitoring, e-mail antivirus, e-mail...

kernel: soft lockup on aio

It was found that due to excessive fileslock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system...

WordPress Plugin AJAX Post Search 'the_search_function' SQL Injection Vulnerability

WordPress is a content management system developed using the PHP language. WordPress plugin AJAX Post Search 'thesearchfunction' suffers from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the 'thesearchtext' parameter...

[SECURITY] Fedora 20 Update: libserf-1.3.7-1.fc20

The serf library is a C-based HTTP client library built upon the Apache Portable Runtime APR library. It multiplexes connections, running the read/write communication asynchronously. Memory copies and transformations are kept to a minimum to provide high performance operation...

AIX Java Advisory : java_apr2014_advisory.asc

The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities : - There is an information disclosure flaw in libjpeg and libjpeg-turbo allowing remote attackers access to uninitialized memory via crafted JPEG images. CVE-2013-6629 - A vulnerability ...

Debian DSA-2971-1 : dbus - security update

Several vulnerabilities have been discovered in dbus, an asynchronous inter-process communication system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-3477 Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to...

[SECURITY] [DSA 2971-1] dbus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2971-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq -...

PT-2015-4025 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.13 Description: The issue is related to the filesystem implementation in the Linux kernel, which uses an inappropriate locking approach when performing certain operations on lists of files. This can be exploit...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, whi...

kernel: ext4: AIO vs fallocate stale data exposure

Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...

Fedora Update for nodejs-graceful-fs FEDORA-2013-12908

Check for the Version of nodejs-graceful-fs OpenVAS Vulnerability Test Fedora Update for nodejs-graceful-fs FEDORA-2013-12908 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

PT-2013-4201 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue allows remote attackers to execute arbitrary code via a malformed asynchronous RPC request. An elevation of privilege vulnerability exists in the way that Windows...

August 2013 Microsoft Patch Tuesday Security Updates

Microsoft took less than a month to incorporate an Oracle Outside In patch and fix a critically rated remote code execution bug in Exchange Servers. The Microsoft patch is among three critical bulletins—eight overall—released today as part of its August 2013 Patch Tuesday security updates. Oracle...

Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)

An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...

Fedora Update for nodejs-vows FEDORA-2013-11780

Check for the Version of nodejs-vows OpenVAS Vulnerability Test Fedora Update for nodejs-vows FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...