35 matches found
K83102920: Linux kernel vulnerability CVE-2018-18397
Security Advisory Description The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file if the user has read-only access to that file, and that file...
Mageia: Security Advisory (MGASA-2019-0171)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0098)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : Linux kernel vulnerability (K83102920)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K83102920 advisory. The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO ioctl calls, as...
SUSE: Security Advisory (SUSE-SU-2019:0224-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0196-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-18397
A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1076)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: kernel-alt security and bug fix update
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
USN-3901-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.0...
Ubuntu: Security Advisory (USN-3903-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3903-2: Linux kernel (HWE) vulnerabilities
USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds...
Ubuntu: Security Advisory (USN-3901-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3901-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3901-2 advisory. USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux...
USN-3901-2: Linux kernel (HWE) vulnerabilities
USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not...
RHEL 7 : kernel (RHSA-2019:0324)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0324 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userfaultfd bypasses tmpfs file...
Kernel security update: Virtuozzo ReadyKernel patch 71.0 for Virtuozzo 7.0.6 to 7.0.8 HF1 and Virtuozzo Infrastructure Platform 2.5
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6 to 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1 and 3.10.0-862.20.2.vz7.73.24 Virtuozzo Infrastructure Platform 2.5...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0224-1)
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings following features : Support for Enhanced-IBRS on new Intel CPUs fate326564 The following security bugs were fixed: CVE-2018-9568: In skclonelock of sock.c, there is a possible memory...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4528)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4528 advisory. - userfaultfd: check VMMAYWRITE was set after verifying the uffd is registered Andrea Arcangeli Orabug: 29163750 CVE-2018-18397 - userfaultfd:...
CentOS 7 : kernel (CESA-2019:0163)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...