USN-3169-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Ubuntu Versions Affected Ubuntu 14.04 LTS Description Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel...

USN-3179-1: OpenJDK 8 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

[SECURITY] [DLA 791-1] libav security update

Package : libav Version : 6:0.8.20-0+deb7u1 CVE ID : CVE-2016-9819 CVE-2016-9820 CVE-2016-9821 CVE-2016-9822 Multiple integer overflows have been discovered in libav 11.8 and earlier, allowing remote attackers to cause a crash via a crafted MP3 file. For Debian 7 "Wheezy", these problems have bee...

Ubuntu: Security Advisory (USN-3169-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3169-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3170-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3170-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3169-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3169-2 advisory. USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3168-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3168-1 advisory. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3169-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3169-4 advisory. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel...

Ubuntu 16.10 : linux vulnerabilities (USN-3170-1)

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerabilities (USN-3169-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3169-3 advisory. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3169-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3169-1 advisory. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3168-2)

USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not...

USN-3170-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Andrey Konovalov discovered that the ipv6 icmp implementation in the Linux kernel did not properly check data structures on send. A remote attacker could use this to cause a denial of service system crash. CVE-2016-9919 Andrey Konovalov discovered that signed integer overflows existed in the...

USN-3170-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

USN-3169-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

USN-3169-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

CVE-2016-8705

Multiple integer overflows in processbinupdate function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution...

CVE-2016-8705

Multiple integer overflows in processbinupdate function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution...