SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2912-1)

The SUSE Linux Enterprise 12 kernel was updated to 3.12.67 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7042: The prockeysshow function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowe...

RedHat Update for kernel RHSA-2016:2766-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 = globalarrayv5...

CVE-2016-7910

Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writing...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 =...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

NVIDIA Driver - No Bounds Checking in Escape 0x7000170 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writin...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writing output. Crashing context with PoC Win 10 x64 with...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 = globalarrayv5 + 77; while v2 size 0 do ii = i++; globalarrayii +...

SUSE-SU-2016:2637-1 Security update for Linux Kernel Live Patch 6 for SLE 12 SP1

This update for the Linux Kernel 3.12.59-6045 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

SUSE-SU-2016:2634-1 Security update for Linux Kernel Live Patch 3 for SLE 12 SP1

This update for the Linux Kernel 3.12.53-6030 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

SUSE-SU-2016:2631-1 Security update for Linux Kernel Live Patch 0 for SLE 12 SP1

This update for the Linux Kernel 3.12.49-11 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed remot...

About the security content of tvOS 10.0.1

About the security content of tvOS 10.0.1 This document describes the security content of tvOS 10.0.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.13.3 - mm, gup: close FOLL MAPPRIVATE race Linus Torvalds Orabug: 24928591 CVE-2016-5195...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.14 - net: add recursion limit to GRO Sabrina Dubroca Orabug: 24829133 CVE-2016-7039...

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.286.2 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798694 CVE-2016-5829 2.6.39-400.286.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790158 2.6.39-400.285.1 - netfilter: xtables: speed up jump targ...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel security, bug fix, and enhancement update

3.10.0-327.36.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.1 - x86 Use ptenone to test for empty PTE Larry Woodman 1363860 1347159 - x86 Disallow running with 32-bit PTEs to work around erratum Larry Woodman 1363860 1347159 - x86 Ignore A/D bits in pte/pmd/pudnone Alexander...

SUSE SLES12 Security Update : kernel (SUSE-SU-2016:1998-1)

This update for the Linux Kernel 3.12.60-5254 fixes several issues. The following security bugs were fixed : - CVE-2016-4470: The keyrejectandlink function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a...