K55347921: Linux kernel vulnerability CVE-2017-7477

Security Advisory Description Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAXSKBFRAGS+1 size in conjunction with the...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0174 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...

Oracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)

The remote Oracle Linux host is missing a security update for the kernel packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2017-1842-1. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc';...

Important kernel security update: CVE-2017-8797 and other; Virtuozzo ReadyKernel patch 25.0 for Virtuozzo 7.0.4 and 7.0.4 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4 and 3.10.0-514.16.1.vz7.30.15 Virtuozzo 7.0.4 HF3. Vulnerability id: CVE-2017-8797 The NFSv4 server in the Linux kernel compiled with...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0119)

The remote OracleVM system is missing necessary patches to address critical security updates : - macsec: dynamically allocate space for sglist Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - macsec: avoid heap overflow in skbtosgvec Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - nfsd:...

CentOS 7 released a kernel security update that fixes five vulnerabilities-vulnerability warning-the black bar safety net

CentOS system maintenance engineer Johnny Hughes today released the security Bulletin, the requirements currently are using CentOS 7 series users as soon as possible the deployment of important kernel security updates. According to Red Hat published upsteam security Bulletin, the kernel update...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-94.3.8 - macsec: dynamically allocate space for sglist Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - macsec: avoid heap overflow in skbtosgvec Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - nfsd: check for oversized NFSv2/v3 arguments J. Bruce Fields Orabug: 26366988...

Oracle Linux 7 : kernel (ELSA-2017-1615-1) (Stack Clash)

Description of changes: - 3.10.0-514.26.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petrenko at oracle.com - Update...

RHEL 7 : kernel-rt (RHSA-2017:1616) (Stack Clash)

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel security and bug fix update

3.10.0-514.26.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.26.1 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...

kernel security and bug fix update

3.10.0-514.26.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...

Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3293-1)

Dmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service memory consumption in the host OS. CVE-2017-2596 Dmitry Vyukov discovered that the generic SCSI sg subsystem i...

Fedora 25 : kernel (2017-17d1c05236)

The 4.10.13 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

CVE-2017-7477

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAXSKBFRAGS+1 size in conjunction with the NETIFFFRAGLIST feature, leading...

CVE-2017-7477

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAXSKBFRAGS+1 size in conjunction with the NETIFFFRAGLIST feature, leading...