SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2041-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive the following security update : - CVE-2017-7533: Bug in inotify code allowed privilege escalation bnc1049483. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

Unbreakable Enterprise kernel security update

2.6.39-400.297.5 - selinux: quiet the filesystem labeling behavior message Paul Moore Orabug: 25721485 - RDS/IB: active bonding port state fix for intfs added late Mukesh Kacker Orabug: 25875426 - HID: hid-cypress: validate length of report Greg Kroah-Hartman Orabug: 25891914 CVE-2017-7273 - udf:...

Kernel security update: CVE-2017-11176 and other; Virtuozzo ReadyKernel patch 26.1 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3, 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel security and bug fix update

3.10.0-514.26.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...

kernel security and bug fix update

3.10.0-514.26.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.26.1 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know as WannaCrypt, which targeted a large number of...

Code injection

In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing...

Important kernel security update: CVE-2017-7645 and other; Virtuozzo ReadyKernel patch 22.0 for Virtuozzo 7.0.0

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo kernel 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0. Vulnerability id: CVE-2017-7645 The NFS2/3 RPC client could send long arguments to nfsd server. These encoded arguments are stored in an array of...

Kernel security update: CVE-2017-9077 and other; Virtuozzo ReadyKernel patch 22.0 for Virtuozzo 7.0.4

The cumulative Virtuozzo ReadyKernel patch updated with security fixes and a bug fix. The patch applies to Virtuozzo kernel 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4. Vulnerability id: CVE-2017-9077 The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel mishandles inheritance,...

The vulnerability of the Qualcomm Wi-Fi driver for the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Qualcomm Wi-Fi driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

Important kernel security update: CVE-2017-7645 and other; Virtuozzo ReadyKernel patch 21.0 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3, and 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4. Vulnerability id: CVE-2017-7645 The NFS2/3 RPC client...

SUSE-SU-2017:1284-1 Security update for Linux Kernel Live Patch 7 for SLE 12 SP1

This update for the Linux Kernel 3.12.62-6062 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of...

SUSE-SU-2017:1289-1 Security update for Linux Kernel Live Patch 10 for SLE 12 SP1

This update for the Linux Kernel 3.12.67-606421 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of...

SUSE-SU-2017:1280-1 Security update for Linux Kernel Live Patch 13 for SLE 12 SP1

This update for the Linux Kernel 3.12.69-606432 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of...

SUSE-SU-2017:1279-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of servi...

CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require...

Kernel security update: CVE-2017-7645 and other; new kernel 2.6.32-042stab123.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides security fixes as well as stability bug fixes. Vulnerability id: CVE-2017-7895 The...

NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2017-07443)

NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. A local elevation of privilege vulnerability exists in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape in the NVIDIA Windows GPU Display Driver, which arises when the...