Design/Logic Flaw

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

CVE-2019-5602

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

CVE-2019-5602

Summary (CVE-2019-5602): A privilege-escalation flaw in the FreeBSD cd(4) driver affects multiple releases (11.2-RELEASE prior to 11.2-RELEASE-p11, 11.3-RC3 prior to 11.3-RC3-p1, 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, and related 11.x/12.x lines). A bug in the ioctl path...

FreeBSD -- Privilege escalation in cd(4) driver

Problem Description: To implement one particular ioctl, the Linux emulation code used a special interface present in the cd4 driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read...

CVE-2019-13049

An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARUSYSFUNCMMAP, leading to escalation of privileges...

Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...

CVE-2019-5017

An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenticated, remote attacker can craft and send a...

Important kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0.7 to 7.0.8

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-693.17.1.vz7.43.10 Virtuozzo 7.0.7, 3.10.0-693.21.1.vz7.46.7 Virtuozzo 7.0.7 HF2, 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8...

Safari Webkit Proxy Object Type Confusion

This module exploits a type confusion bug in the Javascript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the structure of e....

Virtuozzo 7 : readykernel-patch (VZA-2019-044)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was discovered that a certain sequence of operations related to IPv4 routing could trigger a kernel memory leak. An...

Virtuozzo 7 : readykernel-patch (VZA-2019-043)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was discovered that a certain sequence of operations related to IPv4 routing could trigger a kernel memory leak. An...

PaX read_kmem Denial of Service Vulnerability

pax is a patch for Linux that is designed to improve system security by preventing the exploitation of memory corruption vulnerabilities. A security vulnerability exists in the grsecurity PaX patch in PaX. An attacker can exploit the vulnerability to cause a system crash memory leak...

CVE-2019-12379

An issue was discovered in coninsertunipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue...

macOS 10.14.x < 10.14.5 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.5. It is, therefore, affected by multiple vulnerabilities : - An application may be able to read restricted memory CVE-2019-8603, CVE-2019-8560 - An application may be able to execute arbitrary code with syste...

macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)

The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An application may be able to read restricted memory CVE-2019-8603, CVE-2019-8560 - An application may be able to execute arbitrary code wit...

kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c

A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

kernel: Use-after-free due to race condition in AF_PACKET implementation

A use-after-free flaw can occur in the Linux kernel due to a race condition between packetdobind and packetnotifier functions called for an AFPACKET socket. An unprivileged, local user could use this flaw to induce kernel memory corruption on the system, leading to an unresponsive system or to a...

SUSE-SU-2019:1241-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127:...

Apple Mac OS X Security Updates (HT210119) - 02

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1477)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring...