88 matches found
SUSE CVE-2017-15299
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of addkey for a key that already exists but is uninstantiated, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted system call...
SUSE CVE-2017-15951
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...
SUSE CVE-2017-17807
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the requestkey system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search...
NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2022-0075)
The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities: - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maxim...
SUSE: Security Advisory (SUSE-SU-2018:0834-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2020-0041)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0043)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1289-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127:...
EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance PI futexes. ...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4576)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4576 advisory. - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269167 CVE-2018-13053 - KEYS: Don't permit requestkey to construct ...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service DoS attacks. The vulnerability exists as the KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to...
Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-1066 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the...
EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1232)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4110)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4110 advisory. - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 27208383 CVE-2017-16537 - Input: gtco - fix potential out-of-bound access Dmitr...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4109)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4109 advisory. - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 27208380 CVE-2017-16537 - Input: gtco - fix potential out-of-bound access Dmitr...
Virtuozzo 7 : readykernel-patch (VZA-2018-025)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - It was discovered that nfnlcthelperlist structure was accessible to any user with CAPNETADMIN capability in a networ...
Virtuozzo 7 : readykernel-patch (VZA-2018-024)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - It was discovered that nfnlcthelperlist structure was accessible to any user with CAPNETADMIN capability in a networ...
Debian DLA-1232-1 : linux security update (Meltdown)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to rea...
[SECURITY] [DLA 1232-1] linux security update
Package : linux Version : 3.2.96-3 CVE ID : CVE-2017-5754 CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754...
kernel update provides 4.14 series and fixes security vulnerabilities
This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...