Input validation

An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5...

SUSE-SU-2019:0784-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc1129179. - CVE-2019-9213: expanddownwards in mm/mmap.c lacks a...

SUSE-SU-2019:0726-1 Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-956 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expanddownwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP...

CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free...

kernel security, bug fix, and enhancement update

3.10.0-957.10.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.10.1 - fs revert 'fs nfs: Don't write back further requests if there is a...

CVE-2019-1999

CVE-2019-1999 is evidenced in connected Nessus advisories for Unity Linux kernel updates (UTSA-2026-003839/004335/000386). The issue is in binder_alloc_free_page in binder_alloc.c, causing a possible double free due to improper locking. This can lead to local escalation of privilege in the kernel...

kernel security and bug fix update

2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change resized buffers atomically Denys Vlasenko 1593083 CVE-2018-10902...

SUSE-SU-2019:0298-1 Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9441 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess use wrong back-channel I...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.30.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c checksum driver Theodore Ts'o Orabug: 28220451 CVE-2018-1094 CVE-2018-1094 - vfs: Add sbrdonlysb to query the MSRDONLY flag ...

SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13937-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-9516: In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead...

kernel security, bug fix, and enhancement update

3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...

Kernel security update: Virtuozzo ReadyKernel patch 70.0 for Virtuozzo 7.0.8 and 7.0.8 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-862.9.1.vz7.63.3 7.0.8 and 3.10.0-862.11.6.vz7.64.7 7.0.8 HF1. Vulnerability id: PSBM-90803 A flaw was found in the implementation of ebtables in the Linux kerne...

Taking a page from the kernel's book: A TLB issue in mremap()

Posted by Jann Horn, Project Zero This is a technical blog post about TLB flushing bugs in kernels, intended for people interested in kernel security and memory management. Introduction: Bugs in Memory Management code There have been some pretty scary bugs in memory management in the past, like:...

Unbreakable Enterprise kernel security update

4.1.12-124.24.3 - ext4: update idisksize when new eof exceeds it Shan Hai Orabug: 28940828 - ext4: update idisksize if direct write past ondisk size Eryu Guan Orabug: 28940828 - ext4: protect idisksize update by idatasem in direct write path Eryu Guan Orabug: 28940828 - ALSA: usb-audio: Fix UAF...

Important kernel security update: Virtuozzo ReadyKernel patch 69.0 for Virtuozzo 7.0.4 HF3 to 7.0.8 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo kernels. Vulnerability id: CVE-2018-16884 A flaw was found in the implementation of NFS v4.1 in the Linux kernel. NFS v4.1 shares mounted in different network namespaces at the...

SUSE-SU-2018:4208-1 Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3)

This update for the Linux Kernel 4.4.103-638 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

Security update for the Linux Kernel (important)

The openSUSE Leap 15.0 kernel was updated to 4.12.14-lp150.12.28.1 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the...

SUSE-SU-2018:4127-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

CVE-2018-9519

In easelcommhwbuildscatterlist, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-69808833...

Unbreakable Enterprise kernel security update

4.1.12-124.22.4 - Revert commit 8bd274934987 'block: fix bdi vs gendisk lifetime mismatch' Ashish Samant Orabug: 28968102 - KVM/x86: Add IBPB support Ashok Raj Orabug: 28703712 - x86/intel/spectrev2: Remove unnecessary retpcompiler test Boris Ostrovsky Orabug: 28814570 - x86/intel/spectrev4:...