22 matches found
OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)
The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0174 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...
CVE-2016-1576
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program...
CVE-2016-1576
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program...
CVE-2016-1576
CVE-2016-1576 concerns the Linux kernel overlayfs. The overlayfs implementation up to version 4.5.2 does not properly restrict the mount namespace, enabling a local user to gain privileges by mounting an overlay filesystem on top of a FUSE filesystem and then executing a crafted setuid program. T...
CVE-2016-1576
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) regression (USN-2909-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2909-2 advisory. USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics...
Ubuntu: Security Advisory (USN-2910-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2909-2 linux-lts-utopic regression
USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 14.10 backport kernel within VMWare virtual machines. This update fixes the...
USN-2910-2: Linux kernel (Vivid HWE) regression
USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the...
USN-2908-5: Linux kernel (Wily HWE) regression
USN-2908-2 fixed vulnerabilities in the Ubuntu 15.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.10 backport kernel within VMWare virtual machines. This update fixes the...
USN-2908-4: Linux kernel regression
USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory...
USN-2910-1 Linux kernel vulnerability | Cloud Foundry
USN-2910-1 Linux kernel vulnerability High Vendor Ubuntu Versions Affected Ubuntu 14.04 Description halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2907-2)
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2909-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2909-1 advisory. halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged...
Ubuntu: Security Advisory (USN-2910-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2908-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2909-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2908-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2908-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...