Amazon Linux 2 : kernel (ALAS-2018-1133)

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation removal. The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.CVE-2018-16862 An issue wa...

Linux Kernel 4.4 rtnetlink Stack Memory Disclosure

/ Briefs - CVE-2016-4486 has discovered and reported by Kangjie Lu. - This is local exploit against the CVE-2016-4486. Tested version - Distro : Ubuntu 16.04 - Kernel version : 4.4.0-21-generic - Arch : x8664 Prerequisites - None Goal - Leak kernel stack base address of current process by...

Medium: kernel

Issue Overview: A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation removal. The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new...

Kernel memory corruption vulnerability in multiple Apple products (CNVD-2018-24791)

Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of specialized operating systems developed for Mac computers; tvOS is a smart TV tvOS is a smart TV operating system. A security vulnerability exists in the Kern...

Apple iOS, tvOS and macOS Mojave Kernel Type Obfuscation Vulnerability

Apple iOS, tvOS, and macOS Mojave are products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is an operating system for smart TVs; and macOS Mojave is a specialized operating system for Mac computers. kernel is a component of the Kernel is one of the kernel components. A...

About the security content of watchOS 5.1.2

About the security content of watchOS 5.1.2 This document describes the security content of watchOS 5.1.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

Apple Mac OS X Security Updates (HT209341)-03

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4288)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4288 advisory. - scsi: sg: allocate with GFPZERO in sgbuildindirect Alexander Potapenko Orabug: 28892656 CVE-2018-1000204 Tenable has extracted the preceding...

CVE-2017-18316

Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660,...

Design/Logic Flaw

Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660,...

CVE-2017-18316

Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660,...

CVE-2017-18316

CVE-2017-18316 affects Qualcomm Snapdragon platforms (Automobile, Mobile, Wear) and is triggered via the Ontario kernel driver that can allow a secure application to access QSEE kernel memory. Affected devices/SoCs include MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430...

SUSE-SU-2018:3934-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18710: An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a...

EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1373)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could...

About the security content of iOS 11.4.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

About the security content of watchOS 4.3.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3820-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3820-2 advisory. USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 14.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3820-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3820-3 advisory. Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could...

USN-3820-1: Linux kernel vulnerabilities

Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-15471 It was discovered that the generic SCSI...