SUSE: Security Advisory (SUSE-SU-2018:1538-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RancherOS < 1.4.0 Information Disclosure

The remote host is running a version of RancherOS prior to 1.4.0, hence is exposted to a side-channel vulnerabilities: - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a...

Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/common' require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' require 'msf/core/exploit/exe'...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1539-1)

This update for the Linux Kernel 3.12.61-52125 fixes several issues. The following security issues were fixed : - CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1526-1)

This update for the Linux Kernel 3.12.61-52122 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Inte...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4098)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4098 advisory. kernel-uek 3.8.13-118.20.7 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897 Tenable has extracted the preceding description blo...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4096)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4096 advisory. - x86/kernel/traps.c: fix tracedienotifier return value Kris Van Hees CVE-2018-8897 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski...

Privilege escalation

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...