Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

USN-1933-1: Linux kernel (OMAP4) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

USN-1929-1: Linux kernel vulnerability

An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtain sensitive information from kernel memory...

CVE-2013-3198

The NT Virtual DOS Machine NTVDM subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

CVE-2013-3197

The NT Virtual DOS Machine NTVDM subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

CVE-2013-3197

The NT Virtual DOS Machine NTVDM subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

CVE-2013-3196

The NT Virtual DOS Machine NTVDM subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

CVE-2013-1943

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...

Oracle Linux 5 : kernel (ELSA-2010-0723)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0723 advisory. - misc make compatallocuserspace incorporate the accessok Don Howard 634463 634464 CVE-2010-3081 - fs xfs: fix missing untrusted inode lookup tag Dave...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2015 advisory. - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set CVE-2011-1573 - dccp: fix oops on Reset after close CVE-2011-1093 - bridge:...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2520)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2520 advisory. - mm/hotplug: correctly add new zone to all other nodes' zone lists Jiang Liu Orabug: 16603569 CVE-2012-5517 - ptrace: ptraceresume shouldn't wake ...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1900-1)

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compa...

CVE-2013-2164

The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...

DEBIAN-CVE-2013-2164

The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...

Ubuntu Update for linux-ti-omap4 USN-1882-1

Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN18821.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux-ti-omap4 USN-1882-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...

Ubuntu: Security Advisory (USN-1883-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak !/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel...

Cisco ASA < 8.4.4.6 < 8.2.5.32 - Ethernet Information Leak

!/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel memory, system memory allocated to the device driver, or...

CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

CVE-2013-2148

The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...