5 matches found
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-011)
The version of kernel installed on the remote host is prior to 5.4.38-17.76. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-011 advisory. In the Linux kernel 5.3.10, there is a use-after-free read in the perftracelockacquire function related to...
Updated kernel-linus packages fix security vulnerabilities
This update is based on upstream 5.5.15 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.5.9 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...
CVE-2020-9391
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has be...
CVE-2020-9391
CVE-2020-9391 affects the Linux kernel on AArch64 (versions 5.4 to 5.5.6). The top byte of the address passed to brk is ignored, potentially moving the program break downward instead of upward, which can cause heap corruption in glibc malloc. Public sources in the connected documents consistently...