4585 matches found
CVE-2018-5824
In CVE-2018-5824, Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF-based Linux kernels prior to the 2018-04-05 patch level are vulnerable to a buffer overflow when processing HTT_T2H_MSG_TYPE_RX_FLUSH or HTT_T2H_MSG_TYPE_RX_PN_IND messages if the firmware tid value is out of r...
Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.1 to 7.0.6 HF3
The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo 7.0 kernels except 3.10.0-693.17.1.vz7.43.10 7.0.7. Vulnerability id: CVE-2018-1068 It was discovered that the implementation of ebtables in the kernel did not properly validat...
Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.7
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the Virtuozzo 7.0 kernel 3.10.0-693.17.1.vz7.43.10 7.0.7. Vulnerability id: CVE-2018-1068 It was discovered that the implementation of ebtables in the kernel did not properly validate th...
kernel security and bug fix update
2.6.32-696.23.1.OL6 - Update genkey bug 25599697 2.6.32-696.23.1 - scsi avoid a permanent stop of the scsi device's request queue Ewan Milne 1519857 1513455 - x86 retpoline/hyperv: Convert assembler indirect jumps Waiman Long 1543022 1535645 - x86 specctrl: Upgrade GCC retpoline warning to an err...
SUSE-SU-2018:0591-1 Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP2)
This update for the Linux Kernel 4.4.90-9250 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...
SUSE-SU-2018:0592-1 Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)
This update for the Linux Kernel 4.4.90-612 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...
SUSE-SU-2018:0596-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)
This update for the Linux Kernel 4.4.92-630 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...
SUSE-SU-2018:0568-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP2)
This update for the Linux Kernel 4.4.49-9211 fixes one issue. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...
CVE-2017-18208
CVE-2017-18208 affects the Linux kernel prior to 4.14.4. The vulnerability lies in the MADVISE_WILLNEED handling in mm/madvise.c, where triggering MADVISE_WILLNEED for a DAX mapping allows a local attacker to cause a denial of service via an infinite loop. The issue is local in scope and is tied ...
CVE-2018-7273
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...
CVE-2018-7273
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...
CVE-2018-7169
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
SUSE-SU-2018:0345-1 Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)
This update for the Linux Kernel 4.4.90-612 fixes several issues. The following security issues were fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230. -...
SUSE-SU-2018:0297-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP2)
This update for the Linux Kernel 4.4.49-9211 fixes several issues. The following security issues were fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230. -...
SUSE-SU-2018:0301-1 Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2)
This update for the Linux Kernel 4.4.103-9256 fixes one issue. The following security issue was fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230...
SUSE-SU-2018:0281-1 Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)
This update for the Linux Kernel 4.4.90-9245 fixes several issues. The following security issues were fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230. -...
SUSE-SU-2018:0269-1 Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2)
This update for the Linux Kernel 4.4.59-9220 fixes several issues. The following security issues were fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230. -...
SUSE-SU-2018:0268-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-606451 fixes several issues. The following security issues were fixed: - CVE-2017-15868: The bnepaddconnection function in net/bluetooth/bnep/core.c in did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a...
SUSE-SU-2018:0275-1 Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP1)
This update for the Linux Kernel 3.12.69-606435 fixes several issues. The following security issues were fixed: - CVE-2017-15868: The bnepaddconnection function in net/bluetooth/bnep/core.c in did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a...
SUSE-SU-2018:0238-1 Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-606445 fixes several issues. The following security issues were fixed: - CVE-2017-15868: The bnepaddconnection function in net/bluetooth/bnep/core.c in did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a...