CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:0765-1) (Spectre)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have lead to information leaks. bnc1122971. CVE-2019-3459,...

Fedora 28 : acpica-tools (2018-8d90571cdf)

Security fix for CVE-2017-13693, CVE-2017-13694, CVE-2017-13695. This provides fixes for the user space ACPICA tools only. Any kernel updates are handled separately. This update also includes the upgrade to the 20190209 version of the upstream source. ---------------------------------------- 09...

Ubuntu: Security Advisory (USN-3821-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0254) (Foreshadow)

The remote OracleVM system is missing necessary patches to address critical security updates : Oracle VM Security Advisory OVMSA-2018-0254 The following updated rpms for Oracle VM 3.4 have been uploaded to the Unbreakable Linux Network : x8664: kernel-uek-4.1.12-124.19.1.el6uek.x8664.rpm...

USN-3690-1: AMD Microcode update | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker...

Ubuntu: Security Advisory (USN-3690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unbreakable Enterprise kernel security update

4.1.12-124.15.1 - netfilter: nfnetlinkcthelper: Add missing permission checks Kevin Cernekee Orabug: 27260771 CVE-2017-17448 - netlink: Add netns check on taps Kevin Cernekee Orabug: 27260799 CVE-2017-17449 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27290606 CVE-2017-1774...

Fedora 27 : acpica-tools (2018-7c2e0a998d)

Security fix for CVE-2017-13693, CVE-2017-13694, CVE-2017-13695. This provides fixes for the user space ACPICA tools only. Any kernel updates are handled separately. This update also includes the upgrade to the 20190209 version of the upstream source. ---------------------------------------- 09...

USN-3531-2 intel-microcode regression

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...

USN-3531-2: Intel Microcode regression

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...

USN-3531-1 intel-microcode update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...

Ubuntu 14.04 LTS / 16.04 LTS : NVIDIA graphics drivers vulnerability (USN-3521-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3521-1 advisory. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...

USN-3521-1: NVIDIA graphics drivers vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

Oracle: Security Advisory (ELSA-2009-1455)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 2.1 : kernel (OVMSA-2009-0023)

The remote OracleVM system is missing necessary patches to address critical security updates : - backport for online resize of blockdev orabug 8585251 rh bugz 444964 - CVE-2009-2692 - net make socksendpage use kernelsendpage Jiri Pirko 517445 516955 - CVE-2009-2698 - net prevent null pointer...

MGASA-2014-0337 Updated kernel-tmb package fixes security vulnerabilities

Updated kernel-tmb provides upstream 3.12.26 kernel and fixes the following security issues: Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value CVE-2014-020...

MGASA-2014-0273 Updated kernel packages fixes security vulnerabilities

The kernel has been updated to the upstream 3.10.44 longterm kernel, and fixes the following security issues: The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to...

MGASA-2014-0228 Updated kernel packages fix multiple vulnerabilities

Updated kernel provides upstream 3.10.40 kernel and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service...

CVE-2013-7263

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, or 3 recvmsg system call, related to net/ipv4/ping.c,...