Linux kernel competitive conditions vulnerability (CNVD-2016-04425)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A contention condition vulnerability exists in the 'vopioctl' function in the drivers/misc/mic/vop/vopvringh.c file in Linux kernel 4.6 and earlier. A local attacker can explo...

Linux kernel information disclosure vulnerability (CNVD-2016-04424)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the 'schedreadattr' function in the kernel/sched/core.c file in versions of Linux kernel 3.14-rc4 prior to 3.14-rc, which stems from a progr...

CVE-2016-5244

The rdsincinfocopy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message...

CVE-2016-5243

The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

CVE-2016-5243

The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

CVE-2016-5244

CVE-2016-5244 affects the Linux kernel and involves the function rds_inc_info_copy in net/rds/recv.c not initializing a structure member. This can enable a remote attacker to read sensitive information from kernel stack memory by processing an RDS message, with impact described as kernel informat...

CVE-2016-5243

The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)

The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils wa...

Linux kernel information disclosure vulnerability (CNVD-2016-03564)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the 'x25negotiatefacilities' function in the net/x25/x25facilities.c file in versions of the Linux kernel prior to 4.5.5, whi...

DEBIAN-CVE-2016-4578

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the 1 sndtimeruserccallback and 2 sndtimerusertinterrupt...

CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...

CVE-2016-4569

The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface...

CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...

CVE-2011-1173

The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...

openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9102 / 9104 / 9105)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. ---------------------------------------------------------------------- - WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500...

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9047 / 9050 / 9051)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix various bugs and security issues. ---------------------------------------------------------------------- - WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 revisio...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140312)

A buffer overflow flaw was found in the way the qethsnmpcommand function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their...

Ubuntu: Security Advisory (USN-2138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3009)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3009 advisory. - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247289 CVE-2013-7263 CVE-2013-7265 - inet:...