MGASA-2016-0281 Updated ctdb packages fix security vulnerability

The kernel fix for CVE-2015-8543 uncovered a bug in ctdb, leading to broken clusters. The ctdb package has been patched to fix this issue...

CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

UBUNTU-CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

SUSE-SU-2016:0434-1 Security update for kernel live patch 1

This kernel live patch for Linux Kernel 3.12.32-33.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in the...

SUSE-SU-2016:0386-1 Security update for kernel live patch 6

This kernel live patch for Linux Kernel 3.12.44-52.10.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in t...

SUSE-SU-2016:0380-1 Security update for kernel live patch 3

This kernel live patch for Linux Kernel 3.12.38-44.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in the...

SUSE-SU-2016:0383-1 Security update for kernel live patch 5

This kernel live patch for Linux Kernel 3.12.43-52.6.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges bnc958601. - CVE-2015-6937: A NULL pointer dereference flaw was found in th...

SUSE-SU-2015:1488-1 Live patch for the Linux Kernel

This update contains a kernel live patch for the 3.12.36-38 SUSE Linux Enterprise Server 12 Kernel, fixing following security issues. - CVE-2015-3339: A race condition in the preparebinprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid progr...

kernel: net: sctp: fix panic on duplicate ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

grsecurity Kernel Patch 1.9.4 Linux Kernel Memory Protection Weakness

No description provided by source. source: http://www.securityfocus.com/bid/4762/info An attacker with root access may be able to write to kernel memory in spite of the security patch provided by grsecurity. The patch operates by redirecting the write system call, when it is being used to write t...

[oss-security] CVE request -- Linux kernel: sctp: sk_ack_backlog wrap-around problem

Description of the problem: For a TCP-style socket, while processing the COOKIEECHO chunk in sctpsfdo51Dce, after it has passed a series of sanity check, a new association would be created in sctpunpackcookie, but afterwards, some processing maybe failed, and sctpassociationfree will be called to...

[oss-security] CVE-2014-0206 -- Linux kernel: kernel memory disclosure in io_getevents()

A kernel memory disclosure was introduced in aioreadeventsring in v3.10 by commit a31ad380bed817aa25f8830ad23e1a0480fef797. The changes made to aioreadeventsring failed to correctly limit the index into ctx-ringpages, allowing an attacker to cause the subsequent kmap of an arbitrary page with a...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 8865 / 8868 / 8875)

The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to fix a regression introduced by the previous update : - scsidhalua: Incorrect reference counting in the SCSI ALUA initialization code lead to system crashes on boot bnc858831. As the update introducing the regression was marked...

MGASA-2014-0044 Updated kernel-rt packages fix multiple vulnerabilities

This kernel update provides an update to the 3.10 longterm branch, currently 3.10.28 and fixes the following security issues: The ath9khtcsetbssidmask function in drivers/net/wireless/ath/ath9k/htcdrvmain.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC...

RedHat Update for kernel RHSA-2014:0108-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Solaris 10 (sparc) : 150400-06

SunOS 5.10: Kernel Patch. Date this patch was last updated by Sun : Dec/13/13 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is has been withdrawn. Disabled on 2014/02/12. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

Solaris 10 (x86) : 150401-06

SunOS 5.10x86: Kernel Patch. Date this patch was last updated by Sun : Dec/13/13 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is has been withdrawn. Disabled on 2014/02/12. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

kernel: kvm: pv_eoi guest updates with interrupts disabled

A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux RHEL 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service host OS crash by leveraging a time window during which interrup...

RHEL 6 : kernel (RHSA-2013:0841)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

Solaris 10 (x86) : 148889-05 (deprecated)

SunOS 5.10x86: kernel patch. Date this patch was last updated by Sun : Jun/28/13 This plugin has been deprecated and either replaced with individual 148889 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...