kernel security update

3.10.0-327.4.5.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.4.5 - security keys: Fix keyring ref leak in joinsessionkeyring David Howells 1298931 1298036 CVE-2016-0728...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

Microsoft Windows Kernel Security Feature Bypass (MS15-115: CVE-2015-6113)

A kernel security feature bypass vulnerability has been reported in Microsoft Windows. A remote attacker may exploit this vulnerability by calling a procedure which bypasses access check and allows privileged file access...

kernel security, bug fix, and enhancement update

3.10.0-229.20.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.20.1 - Revert: crypto nx - Check for bogus firmware properties Phillip Lougher 1247127 1190103 - Revert: crypto nx - Moving NX-AES-CBC to be processed logic Phillip Lougher 1247127 1190103 - Revert: crypto nx - Moving...

openSUSE: Security Advisory for Linux (openSUSE-SU-2014:1678-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2015:1611-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-5707: An integer overflow in the SCSI generic driver could be potentially used by local attackers to crash the kernel or execute code bsc940338. -...

Code injection

The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors...

Microsoft Windows Kernel KMD Security Feature CVE-2015-2454 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...

Unbreakable Enterprise kernel security update

2.6.39-400.250.10 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563042 CVE-2015-5697 - netfilter: nfconntrack: reserve two bytes for nfctext-len Andrey Vagin Orabug: 21562780 CVE-2014-9715...

kernel security and bug fix update

3.10.0-229.11.1 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.11.1 - fs Fixing lease renewal Steve Dickson 1226328 1205048 - fs revert 'nfs: Fixing lease renewal' Carlos Maiolino 1226328 1205048 - redhat spec: Update dracut dependency to 033-241.|ael7b1.5 Phillip Lougher 1241571 1241344...

Unbreakable Enterprise kernel security update

kernel-uek 2.6.32-400.37.9uek - x86, tls: Interpret an all-zero struct userdesc as 'no segment' Andy Lutomirski Orabug: 21518750 - x86, tls, ldt: Stop checking lm in LDTempty Andy Lutomirski Orabug: 21518750 2.6.32-400.37.8uek - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502741...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-68.3.5 - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502739 CVE-2015-0239 CVE-2015-0239 - fs: take imutex during preparebinprm for setugid executables Jann Horn Orabug: 21502254 CVE-2015-3339 - eCryptfs: Remove buggy and unnecessary write in file name decode...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the seventh regular update. Red Hat Product Security has rated thi...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-68.3.4 - ipv6: Don't reduce hop limit for an interface D.S. Ljungmark Orabug: 21444790 CVE-2015-2922 - ipv4: Missing sknullsnodeinit in pingunhash. David S. Miller Orabug: 21444687 CVE-2015-3636...

CVE-2015-4004

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read and system crash via a crafted packet...

Oracle Linux 5 : kernel (ELSA-2015-1042)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1042 advisory. - fs pipe: fix pipe corruption and iovec overrun on partial copy Mateusz Guzik 1203787 CVE-2015-1805 Tenable has extracted the preceding description block...

SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2014:0189-1)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to 3.0.101 and also includes various other bug and security fixes. A new feature was added : - supported.conf: marked net/netfilter/xtset as supported bnc851066fate313309 The following security bugs have been fixed : CVE-2013-4587:...

SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1138-1)

The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to fix several security and non-security issues. The following security issues have been fixed : - CVE-2013-1860: Heap-based buffer overflow in the wdmincallback function in drivers/usb/class/cdc-wdm.c in the Linux kernel befo...

Microsoft Windows - CNG.SYS Kernel Security Feature Bypass (MS15-052)

Microsoft Windows - CNG.SYS Kernel Security Feature Bypass MS15-052 // Source: http://www.binvul.com/viewthread.php?tid=508 // Source: https://twitter.com/NTarakanov/status/598370525132423168 include include include pragma commentlib, "ntdll.lib" int mainint argc, CHAR argv typedef NTSTATUS stdca...