6589 matches found
CentOS Update for kernel CESA-2014:0740 centos5
The remote host is missing an update for the...
openSUSE Security Update : kernel (openSUSE-SU-2011:0861-1)
The openSUSE 11.3 kernel was updated to 2.6.34.10 to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or...
[oss-security] CVE request: Linux kernel DoS with syscall auditing
Issuing a system call with a random large number will OOPS, depending on configuration. A configuration that will enable this bug is: auditctl -a exit,always -S open No privilege whatsoever is required to trigger the OOPS. It's possible that this can be extended to more than just a DoS -- with so...
openSUSE Security Update : kernel (openSUSE-SU-2012:0206-1)
The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used...
openSUSE Security Update : Kernel (openSUSE-SU-2010:0592-1)
This update of the openSUSE 11.3 kernel brings the kernel to version 2.6.34.4 and contains a lot of bug and security fixes. CVE-2010-3110: Missing bounds checks in several ioctls of the Novell Client novfs /proc interface allowed unprivileged local users to crash the kernel or even execute code in...
Oracle Linux 5 : kernel (ELSA-2014-0740)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0740 advisory. - infiniband rds: dereference of a NULL device Jacob Tanenbaum 1079216 1079217 CVE-2013-7339 - block floppy: don't write kernel-only members to FDRAWCM...
kernel security update
CentOS Errata and Security Advisory CESA-2014:0740 Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. CVE-2014-173...
CVE-2014-3873
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace...
Design/Logic Flaw
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace...
Debian DSA-2952-1 : kfreebsd-9 - security update
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or possibly disclosure of kernel memory. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1453 A remote, authenticated attacker could cause the NF...
[SECURITY] [DSA 2952-1] kfreebsd-9 security update
Debian Security Advisory DSA-2952-1 http://www.debian.org/security/ Nico Golde June 05, 2014 http://www.debian.org/security/faq...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2240-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2240-1 advisory. Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service syste...
USN-2241-1: Linux kernel vulnerabilities
Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. (CVE-2014-3153) A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt...
USN-2240-1: Linux kernel vulnerabilities
Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. (CVE-2014-3153) An information leak was discovered in the netfilter subsystem of the Linux kernel. An...
DEBIAN-CVE-2014-3917
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number...
CVE-2014-3917
CVE-2014-3917 affects the Linux kernel up to 3.14.5, specifically kernel/auditsc.c when CONFIG_AUDITSYSCALL is enabled with certain syscall rules. Local users can obtain sensitive single-bit values from kernel memory or trigger a denial of service (OOPS) by using a large syscall number. Exploitat...
CVE-2014-3917
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number...