4287 matches found
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2246-1)
This update for qemu fixes the following issues : Security issues fixed : CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. CVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources bsc1135902. CVE-2019-13164: Security fix fo...
CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
DEBIAN-CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
Double free
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
CVE-2019-14763
CVE-2019-14763 affects the Linux kernel prior to 4.16.4, where a double-locking error in drivers/usb/dwc3/gadget.c may deadlock with f_hid. Exploitation context from connected Nessus advisories links CVE-2019-14763 to kernel fixes (4.16.4) and security advisories (e.g., USN/EulerOS entries). The ...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
UBUNTU-CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
Important: kernel
Issue Overview: An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostne...
CVE-2019-1010316
pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. The impact is: False locking impression when run in a non-X11 session. The fixed version is: 0.4...
CVE-2019-1010316
CVE-2019-1010316 affects pyxtrlock versions ≤ 0.3 and earlier. The issue is an Incorrect Access Control that yields a false locking impression when run in a non-X11 session. The fix is in version 0.4 . No exploitation details are provided in the connected documents.
CVE-2019-1010316
pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. The impact is: False locking impression when run in a non-X11 session. The fixed version is: 0.4...
libvirt security update
5.0.0-9.el7 - qemu: remove cpuhostmask and cpuguestmask from virCaps structure Wim ten Have Orabug: 29956508 5.0.0-8.el7 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections Jan Tomko Orabug: 29955742 CVE-2019-10161 - domain: Define explicit flags for saved image xml Eric Blake...
CVE-2019-2119
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
Information disclosure
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2019-2119
CVE-2019-2119 affects Android: multiple functions in key_store_service.cpp allow local information disclosure due to improper locking. Impact is disclosure of protected data with no extra privileges and no user interaction required. Affected versions (from discussed entries): Android 8.0, 8.1, an...
CVE-2019-2119
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2019-4234
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416...