SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0108-1)

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver bsc1180559. CVE-2020-27825: Fixed a race in the traceopen and buffer resi...

ASB-A-150693166

In auditfreelsmfield of auditfilter.c, there is a possible bad kfree due to a logic error in auditdatatoentry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2020-10841

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 9610 chipsets software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 February 2020...

CVE-2020-10841

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 9610 chipsets software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 February 2020...

CVE-2020-10841

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 9610 chipsets software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 February 2020...

Null pointer dereference

The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtpreadColor in drivers/input/touchscreen/gt917d/gt9xx.c...

CVE-2018-19939

The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtpreadColor in drivers/input/touchscreen/gt917d/gt9xx.c...

CVE-2018-19939

The CVE-2018-19939 entry concerns the Goodix GT9xx touchscreen driver used in Xiaomi Mi A2 Lite and RedMi6 pro on custom Linux kernels up to 2018-08-27. Root cause: NULL pointer dereference in kfree following a kmalloc failure in gtp_read_Color within drivers/input/touchscreen/gt917d/gt9xx.c. Imp...

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-118.13.2 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798695 CVE-2016-5829 3.8.13-118.13.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790116 3.8.13-118.12.1 - scsisysfs: protect against...

CVE-2014-3182

Array index error in the logidjrawevent function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service invalid kfree via a crafted device that provides a malformed REPORTTYPENOTIFDEVICEUNPAIR...

CVE-2014-1737

The rawcmdcopyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...

CVE-2014-1737

CVE-2014-1737 affects the Linux kernel (through 3.14.3) and its floppy driver (drivers/block/floppy.c). The flaw is in raw_cmd_copyin not handling error conditions during processing of an FDRAWCMD ioctl, enabling local users with write access to /dev/fd to trigger kfree and potentially gain privi...

CVE-2014-1737

The rawcmdcopyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...

Oracle Linux 5 : kernel (ELSA-2009-0264)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0264 advisory. - security introduce missing kfree Jiri Pirko 480597 480598 CVE-2009-0031 - net sctp: overflow with bad stream ID in FWD-TSN chunk Eugene Teo 478804...

kernel: local denial of service in keyctl_join_session_keyring

Memory leak in the keyctljoinsessionkeyring function security/keys/keyctl.c in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service kernel memory consumption via unknown vectors related to a "missing kfree."...

kernel security and bug fix update

2.6.9-78.0.17.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon wit...

kernel security update

2.6.18-128.1.1.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...

kernel: local denial of service in keyctl_join_session_keyring

Memory leak in the keyctljoinsessionkeyring function security/keys/keyctl.c in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service kernel memory consumption via unknown vectors related to a "missing kfree."...

CVE-2009-0031

Memory leak in the keyctljoinsessionkeyring function security/keys/keyctl.c in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service kernel memory consumption via unknown vectors related to a "missing kfree."...