SUSE-SU-2018:0241-1 Security update for the Linux Kernel (Live Patch 24 for SLE 12)

This update for the Linux Kernel 3.12.61-5283 fixes one issue. The following security issues were fixed: - CVE-2017-15868: The bnepaddconnection function in net/bluetooth/bnep/core.c did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted...

Unbreakable Enterprise kernel security update

4.1.12-112.14.13 - Revert 'kernel.spec: Require the new microcodectl.' Brian Maly 4.1.12-112.14.12 - xen-blkback: add pendingreq allocation stats Ankur Arora Orabug: 27386890 - xen-blkback: move indirect req allocation out-of-line Ankur Arora Orabug: 27386890 - xen-blkback: pull nseg validation o...

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.104 to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory bnc1068032. - CVE-2017-5753 / "SpectreAttack": Local attacker...

Unbreakable Enterprise kernel security update

4.1.12-112.14.5 - x86/ibrs: Remove 'ibrsdump' and remove the prdebug Konrad Rzeszutek Wilk Orabug: 27350825 4.1.12-112.14.4 - kABI: Revert kABI: Make the bootcpudata look normal Konrad Rzeszutek Wilk CVE-2017-5715 4.1.12-112.14.3 - userns: prevent speculative execution Elena Reshetova Orabug:...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

(RHSA-2018:0011) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three...

(RHSA-2018:0007) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three...

SUSE-SU-2017:3323-1 Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP1)

This update for the Linux Kernel 3.12.67-606424 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

SUSE-SU-2017:3287-1 Security update for the Linux Kernel (Live Patch 20 for SLE 12)

This update for the Linux Kernel 3.12.61-5269 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

SUSE-SU-2017:3308-1 Security update for the Linux Kernel (Live Patch 19 for SLE 12)

This update for the Linux Kernel 3.12.61-5266 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

SUSE-SU-2017:3304-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12)

This update for the Linux Kernel 3.12.60-5263 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

SUSE-SU-2017:3285-1 Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)

This update for the Linux Kernel 4.4.90-9245 fixes several issues. The following security issues were fixed: - CVE-2017-1000405: Problematic use of pmdmkdirty in the touchpmd function allowed users to overwrite read-only huge pages e.g. the zero huge page and sealed shmem files bsc1070307. -...

SUSE-SU-2017:3295-1 Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2)

This update for the Linux Kernel 4.4.74-9235 fixes several issues. The following security issues were fixed: - CVE-2017-1000405: Problematic use of pmdmkdirty in the touchpmd function allowed users to overwrite read-only huge pages e.g. the zero huge page and sealed shmem files bsc1070307. -...

SUSE-SU-2017:3288-1 Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP2)

This update for the Linux Kernel 4.4.38-93 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c kernel allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 3

Exploit for macOS platform in category dos / poc is a pointer to a further arguments descriptor in userspace with the following structure on 32-bit: struct user32posixspawnargsdesc uint32t attrsize; / size of attributes block / uint32t attrp; / pointer to block / uint32t fileactionssize; / size o...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

SUSE-SU-2017:3146-1 Security update for the Linux Kernel (Live Patch 22 for SLE 12)

This update for the Linux Kernel 3.12.61-5277 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

SUSE-SU-2017:3147-1 Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP1)

This update for the Linux Kernel 3.12.67-606424 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures,...

SUSE-SU-2017:3158-1 Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606460 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures,...