CVE-2014-4654

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRVCTLIOCTLELEMREPLACE commands, which allows local users to remove kernel controls and cause a denial of service use-after-free and system...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5.6 Long Life. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

kernel security and bug fix update

2.6.32-431.20.3 - kernel futex: Make lookuppistate more robust Jerome Marchand 1104516 1104517 CVE-2014-3153 - kernel futex: Always cleanup owner tid in unlockpi Jerome Marchand 1104516 1104517 CVE-2014-3153 - kernel futex: Validate atomic acquisition in futexlockpiatomic Jerome Marchand 1104516...

openSUSE Security Update : kernel (openSUSE-SU-2011:0416-1)

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-1493: In the rose networking stack, when parsing the FACNATIONALDIGIS facilities field, it was possible for a remote host to provide more digipeaters than...

Oracle Linux 5 : kernel (ELSA-2014-0740-1)

From Red Hat Security Advisory 2014:0740 : Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CV...

unbreakable enterprise kernel security update

2.6.39-400.215.2 - futex: Make lookuppistate more robust Thomas Gleixner Orabug: 18918614 CVE-2014-3153 - futex: Always cleanup owner tid in unlockpi Thomas Gleixner Orabug: 18918614 CVE-2014-3153 - futex: Validate atomic acquisition in futexlockpiatomic Thomas Gleixner Orabug: 18918614...

kernel security, bug fix, and enhancement update

kernel 2.6.18-371.8.1 - virt HID: memory corruption flaw drivers/usb/input/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - virt HID: memory corruption flaw in drivers/hv/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - scsi lpfc: Fix task management commands having a fixed...

Oracle Linux 5 : kernel (ELSA-2014-0285)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0285 advisory. - ipc change refcount to atomict Phillip Lougher 1024866 1024868 CVE-2013-4483 - s390 qeth: buffer overflow in snmp ioctl Jacob Tanenbaum 1034402 10344...

Oracle Linux 5 : kernel (ELSA-2014-0285-1)

From Red Hat Security Advisory 2014:0285 : Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common...

kernel to 3.11.10 (important)

The Linux Kernel was updated to version 3.11.10, fixing security issues and bugs: - floppy: bail out in open if drive is not responding to block0 read bnc773058. - compatsysrecvmmsg X32 fix bnc860993 CVE-2014-0038. - HID: usbhid: fix sis quirk bnc859804. - hwmon: coretemp Fix truncated name of...

Linux kernel 3.4+ Arbitrary write with CONFIG_X86_X32

Exploit for linux platform in category local exploits / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to ...

CVE-2013-7281

The dgramrecvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2...

unbreakable enterprise kernel security update

kernel-uek 2.6.32-400.33.4uek - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls Emese Revfy Orabug: 17951083 CVE-2013-2141 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic...

kernel security, bug fix, and enhancement update

2.6.32-431.1.2 - x86 kvm: fix cross page vapicaddr access Paolo Bonzini 1032214 1032215 CVE-2013-6368 - x86 kvm: fix division by zero in apicgettmcct Paolo Bonzini 1032212 1032213 CVE-2013-6367 2.6.32-431.1.1 - netdrv mlx4en: Check device state when setting coalescing Amir Vadai 1032395 975908 -...

Unbreakable Enterprise Kernel security update

3.8.13-16.2.2.el6uek - HID: pantherlord: validate output report details Kees Cook Orabug: 17841973 CVE-2013-2892 - HID: zeroplus: validate output report details Kees Cook Orabug: 17841968 CVE-2013-2889 - HID: provide a helper for validating hid reports Kees Cook Orabug: 17841968 CVE-2013-2889 -...

Unbreakable Enterprise Kernel security update

2.6.39-400.211.2 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook Orabug: 17842208 CVE-2013-1928 - Bluetooth: RFCOMM - Fix info leak via getsockname Mathias Krause Orabug: 17842129 CVE-2012-6545 - Bluetooth: RFCOMM - Fix info leak in ioctlRFCOMMGETDEVLIST Mathias Krause Orabug...

MGASA-2013-0343 Updated kernel-linus package fixes security vulnerabilites.

This kernel-linus update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attacker...

MGASA-2013-0342 Updated kernel package fixes security vulnerabilites.

This kernel update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix two security issues, one bug, and add two enhancements are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

CVE-2013-5174

Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service system crash via a crafted tty read operation...