SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1603-1)

The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:0801-1 Rating: important References: 1051510 1058115 1065729 1071995 1082555 1083647 1089895 1090036 1103990 1103991 1103992 1104745 1109837 1111666 1112178 1112374 1113956 1114279 1124278 1127354...

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

UBUNTU-CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation

A flaw was found in the Linux kernel on s390 architecture. The issue occurs on multiprocessing systems when one s390 CPU is in Secondary Address Mode and another CPU does a kernel page table upgrade. An inter-processor interrupt IPI is then sent to each active CPU to update the control registers...

Linux kernel information disclosure vulnerability (CNVD-2020-41792)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. An attacker could exploit this vulnerability to cause a program to crash and gain access to sensitive kernel data...

CVE-2018-7273

In the Linux kernel, through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

CVE-2019-15875

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel da...

Code injection

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel da...

CVE-2019-15875

Removed by vendor...

FreeBSD-SA-20:03.thrmisc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:03.thrmisc Security Advisory The FreeBSD Project Topic: kernel stack data disclosure Category: core Module: kernel Announced: 2020-01-28 Credits: Ilja Van...

PT-2020-1361 · Intel +7 · Intel Processors +7

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to cleanup errors in some data cache evictions for some IntelR Processors, which may allow an authenticated user to potentially enable information disclosure...

CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

A new variant of the Spectre Variant 1 side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerabili...

CVE-2019-0628

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'...

CVE-2019-5595

In FreeBSD before 11.2-STABLEr343782, 11.2-RELEASE-p9, 12.0-STABLEr343781, and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed...

FreeBSD Input Validation Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD. An attacker could exploit this vulnerability to disclose kernel data used in system calls...