The vulnerability of the dev_get_valid_name function in the TUN subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the devgetvalidname function in the TUN subsystem of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4710)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4710 advisory. - fork: record starttime late David Herrmann Orabug: 29850581 CVE-2019-6133 - x86/retpoline/ia32entry: Convert to non-speculative calls Ankur Arora...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.36.1 - tun: call devgetvalidname before registernetdevice Cong Wang Orabug: 29925557 CVE-2018-7191...

DEBIAN-CVE-2018-7191

In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows local users to cause a denial of service NULL pointer dereference and panic via an ioctlTUNSETIFF call with a dev name containing a / character. This is similar to...