Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3981-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3981-2 advisory. USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

USN-3981-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

CVE-2019-3874

CVE-2019-3874 concerns the SCTP socket buffer not being accounted by the cgroups subsystem, enabling a denial-of-service against affected systems. The vulnerability is described in Unity Linux advisories referencing kernel SCTP handling and states that “Kernel 3.10.x and 4.18.x branches are belie...

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

UBUNTU-CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Mitigation SELinux prevents a bind of the SCTP socket by a non-root user. To mitigate this issue if not using SELinux, or if a...

RSAC 2019: Container Escape Hack Targets Vulnerable Linux Kernel

Researchers at CyberArk have created a proof-of-concept attack that allows adversaries to bypass container security, escape the container and compromise an entire host system. However, the attack scenario is limited, in that a successful attack depends on unpatched vulnerabilities to be present i...

Important: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CentOS 7 : systemd (CESA-2019:0049)

An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Kernel update: Virtuozzo ReadyKernel patch 46.0 for Virtuozzo 7.0.5, 7.0.6, and 7.0.6 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to Virtuozzo kernels 3.10.0-514.26.1.vz7.33.22 7.0.5, 3.10.0-693.1.1.vz7.37.30 7.0.6, and 3.10.0-693.11.6.vz7.40.4 7.0.6 HF3. Vulnerability id: PSBM-82021 Potential kernel hang lockup during destruction...

Kernel update: Virtuozzo ReadyKernel patch 44.0 for Virtuozzo 7.0.6 and 7.0.6 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo kernels 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6 and 3.10.0-693.11.6.vz7.40.4 Virtuozzo 7.0.6 HF3. Vulnerability id: PSBM-80340 Hard lockups happened when the kernel was processing SAK Secu...

[SECURITY] Fedora 27 Update: systemd-234-9.fc27

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

kernel security and bug fix update

3.10.0-693.5.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...

kernel security and bug fix update

3.10.0-693.5.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.5.2 - mm pagecgroup: Fix Kernel bug during boot with memory cgroups enabled...

[SECURITY] Fedora 25 Update: systemd-231-17.fc25

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups,...

[SECURITY] Fedora 24 Update: systemd-229-20.fc24

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups,...