Denial Of Service (DoS)

The kernel is vulnerable to Denial Of Service DoS. The attack is possible because a NULL pointer dereference flaw in ftraceregexlseek in the Linux kernel's ftrace implementation could allow a local, unprivileged user to cause a denial of service. Note: The debugfs file system must be mounted...

CVE-2018-20509

The printbinderrefolocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref desc node" lines in a debugfs file...

CVE-2018-20510

The printbindertransactionilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "from code flags" lines in a debugfs file...

CVE-2018-7754

A flaw was found in the Linux kernel in that the aoediskdebugfsshow function in drivers/block/aoe/aoeblk.c allows local users to obtain some kernel address information by reading a debugfs file. This address is not useful to commit a further attack...

CVE-2019-20625

An issue was discovered on Samsung mobile devices with N7.1 and O8.x Exynos chipsets software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 February 2019...

CVE-2019-20625

An issue was discovered on Samsung mobile devices with N7.1 and O8.x Exynos chipsets software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 February 2019...

CVE-2019-20625

Summary: CVE-2019-20625 affects Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets). The issue is due to the ion debugfs driver, which can disclose information. The Samsung internal identifier is SVE-2018-13427 (Feb 2019). What’s affected / root cause: An information disclosure flaw i...

CVE-2019-20625

An issue was discovered on Samsung mobile devices with N7.1 and O8.x Exynos chipsets software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 February 2019...

The vulnerability of the debugfs_remove function in Linux kernel, related to the use of memory after it is freed, allows an attacker to gain access to confidential data and also trigger a service failure.

The vulnerability of the debugfsremove function in Linux operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and also trigger a service failure...

DEBIAN-CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

UBUNTU-CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

CVE-2019-19770

CVE-2019-19770 affects the Linux kernel 4.19.83 and is described as a use-after-free (read) in the debugfs_remove function (fs/debugfs/inode.c), which handles removal of files/dirs created via debugfs. Note: kernel developers dispute this as a debugfs issue, characterizing it as misuse of debugfs...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

DEBIAN-CVE-2019-9444

In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...

kernel security update

kernel - 2.6.18-419.0.0.0.14 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0018) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721935 CVE-2019-11091 - x86/microcode: Add loader version file in debugfs Boris Ostrovsky Orabug: 29754165 - x86/microcode:...

Debian DLA-1771-1 : linux-4.9 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-14625 A use-after-free bug was found in the vhost driver for the Virtual Socket protocol. If this driver is used to communicate with a malicio...