CVE-2019-3901
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve syscall with setuid execution...
AZL-6521 CVE-2019-3887 affecting package kernel for versions less than 5.10.78.1-1
A flaw was found in the way the KVM hypervisor handled x2APIC Machine Specific Register (MSR) access with nested=1 virtualization enabled. In that, an L1 guest could access L0's APIC register values via an L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash t...
Design/Logic Flaw
A flaw was found in the way the KVM hypervisor handled x2APIC Machine Specific Register (MSR) access with nested=1 virtualization enabled. In that, an L1 guest could access L0's APIC register values via an L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash t...
DEBIAN-CVE-2018-20784
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load...
DEBIAN-CVE-2019-3819
A flaw was found in the Linux kernel in the function hid_debug_events_read() in the drivers/hid/hid-debug.c file, which may enter an infinite loop with certain parameters passed from userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from v4.18 and newe...
CVE-2018-16882
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descript...
CVE-2018-18281
CVE-2018-18281 is a Linux kernel local vulnerability due to a race in mremap() where TLB flushes can occur too late, potentially allowing a process to access memory after it has been freed. The issue stems from moving page tables during mremap(), where stale TLB entries may remain until after the...
kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space
An integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages,...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
cve-2018-14634 This is an exploit published for researchers di...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4234)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4234 advisory. 2.6.39-400.301.2 - exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug: 28710024] {CVE-2018-14634} Tenable has extracted the preceding description...
CVE-2018-14634
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...
UBUNTU-CVE-2018-14634
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...
Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018
On August 14, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland (NCSC-FI) and the CERT Coordination Center (CERT/CC) disclosed a vulnerability in the IP stack that is used by the Linux Kernel. This vulnerability is publicly known as FragmentSmack. The...
kernel: Race condition in sound system can lead to denial of service
In the Linux kernel versions 4.12, 3.10, 2.6, and possibly earlier, a race condition vulnerability exists in the sound system allowing for a potential deadlock and memory corruption due to use-after-free condition and thus denial of service. Due to the nature of the flaw, privilege escalation...
Linux netback driver OOB access in hash handling
ISSUE DESCRIPTION: Linux's netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or change this mapping, some input validation was missing or flawed. IMPACT: A malicious or buggy frontend may cause the usually privileged backend to make o...
CVE-2018-2441
Under certain conditions the SAP Change and Transport System ABAP, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwis...
Linux kernel information disclosure vulnerability (CNVD-2018-10857)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'compat_get_timex' function in the kernel/compat.c file in Linux kernel versions prior to 4.16.9. A local attacker can exploit thi...
SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1363-1) (Spectre)
This update for qemu fixes several issues. This security issue was fixed: CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885). Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all pri...