The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the IOAcceleratorFamily component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an intruder, acting locally, to gain access to protected information about the kernel’s memory layout using...

The vulnerability of the Mac OS X operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the IOFireWireFamily component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow an attacker, operating locally, to obtain confidential information from the kernel’s memory using undefined vectors...

RedHat Update for kernel RHSA-2017:0386-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: State machine confusion bug in vfio driver leading to memory corruption

A flaw was discovered in the Linux kernel's implementation of VFIO. An attacker issuing an ioctl can create a situation where memory is corrupted and modify memory outside of the expected area. This may overwrite kernel memory and subvert kernel execution...

kernel: State machine confusion bug in vfio driver leading to memory corruption

A flaw was discovered in the Linux kernel's implementation of VFIO. An attacker issuing an ioctl can create a situation where memory is corrupted and modify memory outside of the expected area. This may overwrite kernel memory and subvert kernel execution...

CVE-2017-6347

The skbs processed by ipcmsgrecv are not guaranteed to be linear e.g. when sending UDP packets over loopback with MSGMORE. Using csumpartial on potentially the whole skb len is dangerous; instead be on the safe side and use skbchecksum. This may lead to an infoleak as the kernel memory may be...

SUSE-SU-2017:0575-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-7117: Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitra...

MGASA-2017-0064 Updated kernel-tmb packages fixes security vulnerabilities

This kernel-tmb update is based on upstream 4.4.50 and fixes at least the following security issues: The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service system hang by leveraging access to ...

Lurking in 11 years of Linux kernel to mention the right vulnerability-exposure-vulnerability warning-the black bar safety net

Vulnerability number CVE-2017-6074 Vulnerability overview The Linux kernel recently also exposed a privilege escalation vulnerability that can be traced back to 2005, the vulnerabilities affect the Linux operating system major releases, including Redhat, Debian, OpenSUSE and Ubuntu. Using this...

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

DEBIAN-CVE-2016-8636

Integer overflow in the memcheckrange function in drivers/infiniband/sw/rxe/rxemr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service memory corruption, obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read...

[ASA-201702-17] linux: multiple issues

Arch Linux Security Advisory ASA-201702-17 ========================================== Severity: High Date : 2017-02-22 CVE-ID : CVE-2016-10088 CVE-2016-9588 CVE-2017-5986 CVE-2017-6074 Package : linux Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-178 Summary =======...

Ubuntu: Security Advisory (USN-3208-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7714

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7714

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7657

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app...

CVE-2017-2357

An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "IOAudioFamily" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app...

CVE-2016-7607

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted app...

CVE-2016-7625

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7620

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...