Amazon Linux: Security Advisory (ALAS-2016-718)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: compat IPT_SO_SET_REPLACE setsockopt

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...

Linux Memory Extractor: LiME

Linux Memory Extractor LiME formerly DMD is A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its...

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20160712)

Security Fix : - A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the the splice system call. A local unprivileged user on a...

Fedora 22 : xen (2016-4edd58a3b5)

cleaner way to set kernel module load list Unrestricted qemu logging XSA-180, CVE-2014-3672 1339125 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in espregwrite CVE-2016-4439 1337502 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in getcmd CVE-2016-4441 1337505 Qemu: scsi: megasa...

Fedora 23 : xen (2016-8d3fe9914b)

cleaner way to set kernel module load list Unrestricted qemu logging XSA-180, CVE-2014-3672 1339125 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in espregwrite CVE-2016-4439 1337502 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in getcmd CVE-2016-4441 1337505 Qemu: scsi: megasa...

Fedora 23 : xen (2016-19c82866bb)

in systemd only try to load kernel modules that are in Fedora 1291089 x86 software guest page walk PS bit handling flaw XSA-176, CVE-2016-4480 1332657 ---- create link to /usr/bin/qemu-system-i386 from /usr/lib/xen/bin for back compatibility and for virt-manager, cleaner fix for XSA-179 on...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-modules-2.6.18-6-xen-vserver-amd64 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may result in a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-modules-2.6.26-2-xen-686 package from the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may result in a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The Linux-modules-2.6.18-5-xen-vserver-686 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Its operation may lead to breaches of confidentiality, integrity, and accessibility of protected information...

CVE-2016-2059

The CVE-2016-2059 issue affects the Linux kernel IPC router module (msm_ipc_router_bind_control_port) in the IPC router core for kernel 3.x used in Qualcomm QuIC Android MSM devices. The vulnerability arises because the function does not verify that a port is a client port, enabling a local attac...

[SECURITY] Fedora 23 Update: fuse-encfs-1.8.1-1.fc23

EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...

Analyzing Linux Malware Sandbox: Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...

Multiple F5 products last hop kernel module memory leak vulnerability

F5 BIG-IP LTM, etc. are products of F5 USA.LTM is a local traffic manager; APM is a set of solutions that provide secure and unified access to business-critical applications and networks. A memory leak vulnerability exists in the last hop kernel module of several F5 products. A remote attacker...

kernel: crypto api unprivileged arbitrary module load via request_module()

A flaw was found in the way the Linux kernel's Crypto subsystem handled automatic loading of kernel modules. A local user could use this flaw to load any installed kernel module, and thus increase the attack surface of the running kernel...

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...

CVE-2015-7394

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1....

Code injection

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1....

CVE-2015-7394

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1....