Integer Overflow

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

Important kernel security update: CVE-2018-10675 and other issues; new kernel 2.6.32-042stab131.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab131.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 that is a rebase to the Red Hat Enterprise Linux 6.10 kernel 2.6.32-754.el6. The new kernel introduces security and stability fixes. Vulnerability id: CVE-2018-10675 The...

Ubuntu: Security Advisory (USN-3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3507-2: Linux kernel (GCP) vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

Ubuntu: Security Advisory (USN-3507-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerabilities (USN-3507-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3507-2 advisory. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this...

USN-3507-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1291)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic,...

Ubuntu: Security Advisory (USN-3485-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel (AWS) vulnerabilities (USN-3485-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3485-3 advisory. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker...

USN-3485-3: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

USN-3485-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3485-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3485-2 advisory. USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3469-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3469-2 advisory. USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0933)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: Null pointer dereference via keyctl

A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory denial of service by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key...