Kernel security update: CVE-2017-5970 and other; Virtuozzo ReadyKernel patch 20.0 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-5970 A vulnerability was fou...

Kernel security update: CVE-2017-7472; new kernel 2.6.32-042stab123.2, Virtuozzo 6.0 Update 12 Hotfix 8 (6.0.12-3765)

This update provides a new kernel 2.6.32-042stab123.2 for Virtuozzo 6.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a security fix and stability bug fixes. Vulnerability id: CVE-2017-7472 It was found that keyctlsetreqkeykeyring function leaked...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel security, bug fix, and enhancement update

3.10.0-514.16.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.16.1 - tty nhdlc: get rid of racy nhdlc.tbuf 'Herton R. Krzesinski' 1429919...

Kernel security update: Virtuozzo ReadyKernel patch 17.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with a security fix. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-7308 The packetsetring function in net/packet/afpacket.c in the Linux kernel through 4.10.6 does not properly validate certain...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.17.4 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790392 CVE-2016-9644 3.8.13-118.17.3 - net: ping: check minimum size on ICMP header length Kees Cook Orabug: 25766911 CVE-2016-8399 3.8.13-118.17.2 - ipv6: stop sending PTB packets for MTU 1280 Hagen Paul...

SUSE-SU-2017:0869-1 Security update for Linux Kernel Live Patch 2 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-84 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via an integer overflow, a...

Kernel security update: new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides security fixes. Vulnerability id: CVE-2017-6214 A flaw was found in the Linux kernel'...

SUSE-SU-2017:0866-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via unspecified vectors, as demonstrated during a Pwn2Own competition at...

kernel security, bug fix, and enhancement update

2.6.32-696.OL6 - Update genkey bug 25599697 2.6.32-696 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424628 CVE-2017-6074 2.6.32-695 - block nvme: Dont poll device being removed David Milburn 1422521 2.6.32-694 - fs posixacl: Clear SGID bit when setting file...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

SUSE-SU-2017:0777-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel allowed attackers to cause a denial of service system crash via 1 an application that made crafted...

Important kernel security update: Virtuozzo ReadyKernel patch 14.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-6074 A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB...

Android kernel security subsystem privilege vulnerability

Android on Pixel and Pixel XL is an open source Linux-based operating system for the Pixel and Pixel XL smartphones developed by Google and the Open Handset Alliance OHA. kernel security is a subsystem of the kernel security configuration. kernel security is a kernel security configuration...

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVE-2017-0457

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

Privilege escalation

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVE-2017-0335

CVE-2017-0335 affects the NVIDIA GPU driver on Android (Kernel-3.18) with a local elevation of privilege that could allow a malicious app to execute code in the kernel. Public details in the Android 2017-03-01/03-05 security bulletins indicate this vulnerability is addressed by patches delivered ...

kernel security, bug fix, and enhancement update

3.10.0-514.6.10.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...