openSUSE Security Update : the Linux Kernel (openSUSE-2020-543)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-11669: An issue was discovered on the powerpc platform. arch/powerpc/kernel/idlebook3s.S did not have save/restore functionality for PNVPOWERSAVEAMR,...

SUSE-SU-2020:1085-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 RT kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm,...

FreeBSD : FreeBSD -- ipfw invalid mbuf handling (33edcc56-83f2-11ea-92ab-00163e433440)

Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact : Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results. C Tenable Network Security, Inc...

FreeBSD -- ipfw invalid mbuf handling

Problem Description: Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact: Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results...

FreeBSD-SA-20:10.ipfw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:10.ipfw Security Advisory The FreeBSD Project Topic: ipfw invalid mbuf handling Category: core Module: kernel Announced: 2020-04-21 Credits: Maxime Villard...

CVE-2020-10708

race condition in kernel/audit.c may allow low privilege users trigger kernel panic...

Denial Of Service (DoS)

The kernel packages is vulnerable to Denial of Service DoS. It is due to instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...

Use-after-free

The kernel is vulnerable to use-after-free. Due to a flaw found in the tcprcvstateprocess function in the Linux kernel TCP/IP protocol suite implementation, if a system using IPv6 had the IPV6RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system,...

Denial Of Service (DoS)

The kernel vulnerable to denial of service DoS. The Parallels Virtuozzo Containers team reported the RHSA-2009:1243 update introduced two flaws in the routing implementation. If an attacker was able to cause a large enough number of collisions in the routing hash table via specially-crafted packe...

Denial Of Service (DoS)

The kernel package is vulnerable to denial of service DoS. The possibility of a timeout value overflow was found in the Linux kernel high-resolution timers functionality, hrtimers. This could allow a local, unprivileged user to execute arbitrary code, or cause a denial of service kernel panic...

CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

DEBIAN-CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

CVE-2020-8834 Linux kernel KVM Power8 conflicting use of HSTATE_HOST_R1

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

Code injection

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

CVE-2017-18674

CVE-2017-18674 affects Samsung mobile devices running Android N (7.0); the Timaservice time service is susceptible to a kernel panic. The issue is associated with Samsung ID SVE-2017-8593, May 2017. CVSS indicates network attack vector with low privileges required and high availability impact. Th...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

UBUNTU-CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...