SUSE SLED12 / SLES12 Security Update : dracut (SUSE-SU-2017:0951-1)

This update for dracut fixes the following issues: Security issues fixed : - CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd would be read-only available for all users, allowing local users to retrieve secrets stored in the initial ramdisk. bsc100834...

Multiple vulnerabilities in Linux kernels through 4.6.3

Of multiple vulnerabilities released affecting Linux kernels through 4.6.3, FortiOS was found vulnerable to the following two:...

Kernel security update: Virtuozzo ReadyKernel patch 17.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with a security fix. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-7308 The packetsetring function in net/packet/afpacket.c in the Linux kernel through 4.10.6 does not properly validate certain...

CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

CVE-2017-0521

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2017-0516

An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

Linux kernel elevation of privilege vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the dccprcvstateprocess function in the net/dccp/input.c file in Linux kernel version 4.9.11 and earlier, due to the program failing to...

CVE-2017-0437

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2017-0443

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

[SECURITY] Fedora 25 Update: dracut-044-78.fc25

dracut contains tools to create a bootable initramfs for 2.6 Linux kernels. Unlike existing implementations, dracut does hard-code as little as possible into the initramfs. dracut contains various modules which are driven by the event-based udev. Having root on MD, DM, LVM2, LUKS is supported as...

CVE-2016-7917

The nfnetlinkrcvbatch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service infinite loop or out-of-bounds...

DEBIAN-CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write COW feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...

[SECURITY] Fedora 24 Update: dracut-044-21.fc24

dracut contains tools to create a bootable initramfs for 2.6 Linux kernels. Unlike existing implementations, dracut does hard-code as little as possible into the initramfs. dracut contains various modules which are driven by the event-based udev. Having root on MD, DM, LVM2, LUKS is supported as...

Google Releases Supplemental Patch for Dirty Cow Vulnerability

Google’s November Android Security Bulletin, released Monday, patched 15 critical vulnerabilities and addressed 85 CVEs overall. But conspicuously absent is a fix for the Linux race condition vulnerability known as Dirty Cow Copy-on-Write that also impacts Android. While Google didn’t issue an...

SUSE-SU-2016:2553-1 Security update for kdump

This update for kdump provides several fixes and enhancements: - Refresh kdumprd if /etc/hosts or /etc/nsswitch.conf is changed. bsc943214 - Add a separate systemd service to rebuild kdumprd at boot. bsc943214 - Improve network setup in the kdump environment by reading configuration from wicked b...

cedarrapids.kernels.milb.com XSS vulnerability

Vulnerable URL: http://cedarrapids.kernels.milb.com/index.jsp?sid=t492%22/%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...

CVE-2016-6162

net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service panic or possibly have unspecified other impact via certain IPv6 socket operations...

CVE-2014-9867

drivers/media/platform/msm/camerav2/isp/msmispaxiutil.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices does not validate the number of streams, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749629 and Qualcom...

CVE-2016-5400

Memory leak in the airspyprobe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service memory consumption via a crafted USB device that emulates many VFLTYPESDR or VFLTYPESUBDEV devices and performs many...

Fast Browser Vulnerability

KChrome, derived from Google's open source project Chromium and compatible with IE, is a browser with dual kernels of Webkit and IE. Thanks to the high performance of Webkit, you will be faster when browsing the web in normal times. A design vulnerability exists in Crypto Browser that allows...