kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call

A flaw was found in the PowerPc platform, where the kernel will panic if the transactional memory is disabled. An attacker could use this flaw to panic the system by constructing a signal context through the transactional memory MSR bits set...

CVE-2019-20577

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

CVE-2019-20577

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

Code injection

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

CVE-2019-20577

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

CVE-2019-20577

CVE-2019-20577 affects Samsung mobile devices running P(9.0) on Exynos chipsets, where the Mali GPU driver can cause a kernel panic. The issue is documented across multiple sources (NVD, Red Hat RH:CVE-2019-20577, CVE records) with Samsung’s internal reference SVE-2019-14372 (August 2019). Public...

Security Bulletin: IBM API Connect V5 is impacted by a denial of service vulnerability in Linux kernel (CVE-2019-11477)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11477 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow when processing TCP Selective Acknowledgement SACK capabilities. By sending specially-crafte...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1533)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1085)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD -- Insufficient cryptodev MAC key length check

Problem Description: Requests to create cryptography sessions using a MAC did not validate the user-supplied MAC key length. The cryptodev module allocates a buffer whose size is this user-suppled length. Impact: An unprivileged process can trigger a kernel panic...

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

macOS 10.14.6 18G87 - Kernel Use-After-Free due to Race Condition in waitfornamespaceevent The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which unconditionally fre...

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could...

CVE-2019-18680

A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module that is loaded through an autoload via a local process running listen, or manual loading, could possibly cause a kernel panic. Mitigation While this is a network protocol being...

CVE-2018-1092

The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4processfreeddata function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic...

CVE-2019-15098

A flaw was found in the Linux kernel's implementation of the ath6kl wireless network driver implementation, which could allow an attacker with physical access with custom USB hardware to plug into a rogue USB device that can create a condition where the kernel will panic. Mitigation No mitigation...

FreeBSD : FreeBSD -- IPv6 remote Denial-of-Service (4d3d4f64-f680-11e9-a87f-a4badb2f4699)

Due do a missing check in the code of mpulldown9 data returned may not be contiguous as requested by the caller. Impact : Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS denial-of-service attack with certain Ethernet interfaces. At this...

FreeBSD -- Improper checking in SCTP-AUTH shared key update

Problem Description: The SCTP layer does improper checking when an application tries to update a shared key. Therefore an unprivileged local user can trigger a use-after- free situation, for example by specific sequences of updating shared keys and closing the SCTP association. Impact: Triggering...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2019-5608

In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented acro...

CVE-2019-5611

In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguou...