SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3208-1)

This update for xen fixes the following issues : - A Mishandling of SYSCALL singlestep during emulation which could have lead to privilege escalation. XSA-204, bsc1016340, CVE-2016-10013 - CMPXCHG8B emulation failed to ignore operand size override which could have lead to information disclosure...

CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

x86: missing NULL pointer check in VMFUNC emulation

ISSUE DESCRIPTION When support for the Intel VMX VMFUNC leaf 0 was added, a new optional function pointer hvmemulvmfunc was added to the hvmemulateops table. As is intended, that new function pointer is NULL on non-VMX hardware, including AMD SVM hardware. However at a call site, the necessary NU...

CVE-2016-5689

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks...

SUSE-SU-2016:2506-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2013-4118: Added a NULL pointer check to fix a server crash bsc829013. - CVE-2014-0791: Integer overflow in the licensereadscopelist function in libfreerdp/core/license.c in FreeRDP allowed remote RDP servers to cause a denial of service...

Mageia: Security Advisory (MGASA-2016-0032)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0033 Updated kernel packages fix security vulnerability

Perception Point Research Team found a reference leak in keyring in joinsessionkeyring that can be exploited to successfully escalate privileges from a local user to root CVE-2016-0728. Other fixes in this kernel update: - netfilter: nfnatredirect: add missing NULL pointer check...

RHEL 6 : kernel (RHSA-2015:0782)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

Oracle Linux 5 : gnutls (ELSA-2014-0594)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0594 advisory. 1.4.1-16 - added missing check for null pointer 1102355 1.4.1-15 - fix session ID length check and null pointer dereference 1102355 - fix minitasn1...

Oracle Linux 5 : cups (ELSA-2009-1513)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1513 advisory. - Include NULL pointer check in ObjectStream::getObject. Part of the fix for CVE-2009-3608 bug 526637. Tenable has extracted the preceding description...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6437)

This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. No cve yet A...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6439)

This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. No cve yet A...

CVE-2007-4197

icat in Brian Carrier The Sleuth Kit TSK before 2.09 omits NULL pointer checks in certain code paths, which allows user-assisted remote attackers to cause a denial of service NULL dereference and application crash and prevent examination of certain NTFS files via a malformed NTFS image...