CVE-2010-2243

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERICTIME systems GENERICTIME=n, accessing /sys/devices/system/clocksource/clocksource0/currentclocksource results in an OOPS...

CVE-2010-2243

CVE-2010-2243 applies to the Linux kernel code path kernel/time/clocksource.c on non-GENERIC_TIME systems; triggering an OOPS when reading /sys/devices/system/clocksource/clocksource0/current_clocksource. The vulnerability is described for kernels before version 2.6.34. Connected sources confirm ...

CVE-2010-3849

The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service NULL pointer dereference and OOPS via a sendmsg call that specifies a NULL value for the remote address field...

CentOS 6 : kernel (CESA-2019:2473)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190813)

Security Fixes : - Kernel: page cache side channel attacks CVE-2019-5489 - kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service CVE-2017-17805 - kernel: Unprivileged users able to inspect kernel stacks of arbitrary...

kernel: dereferencing NULL payload with nonzero length

A flaw was found in the implementation of associative arrays where the addkey systemcall and KEYCTLUPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer...

kernel: use-after-free and OOPS in drivers/char/ipmi/ipmi_msghandler.c

A use-after-free and OOPs flaw was found in the Linux kernel's drivers/char/ipmi/ipmimsghandler.c code. By arranging certain simultaneous execution of the code accessing IPMI device files, an attacker can cause a denial of service DoS attack...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1534)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The atalkrecvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value...

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service. A local user is able to crash the process in a divide-by-zero error and kernel oops by reading TCP stats...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...

openSUSE Security Update : xen (openSUSE-2019-1046) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

Xiaomi perseus-p-oss MIX 3 integer overflow vulnerability

Xiaomi perseus-p-oss MIX 3 is a smartphone from Chinese company Xiaomi Technology Xiaomi. Xiaomi perseus-p-oss MIX 3 An integer overflow vulnerability exists in the sdeevtlogfilterwrite method of the drivers/gpu/drm/msm/sdedbg.c file in the Xiaomi perseus-p-oss MIX 3 on 2018-11-26 and earlier...

CVE-2019-9162

In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error, making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmpversion and...

CVE-2019-9162

In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error, making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmpversion and...

CVE-2019-9162

CVE-2019-9162 concerns the Linux kernel prior to 4.20.12, where the SNMP NAT module's net/ipv4/netfilter/nf_nat_snmp_basic_main.c contains insufficient ASN.1 length checks. This can trigger an out-of-bounds read/write (array index) leading to a kernel oops or local privilege escalation, specifica...

Integer overflow

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

CVE-2018-20787

The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the size argument in tpdbgwrite in drivers/input/touchscreen/ft5x46/ft5x46ts.c. This is exploitable for a device crash v...

CVE-2019-9112

The CVE-2019-9112 vulnerability affects the MSM GPU driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device (through 2018-11-26). It is caused by an integer overflow due to missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write within drivers/gpu/drm/msm/sde/sde_c...

CVE-2019-9112

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

CVE-2018-20787

Affected software: ft5x46 touchscreen driver used in custom Linux kernels on the Xiaomi perseus-p-oss MIX 3. The issue is an integer overflow in tpdbg_write within drivers/input/touchscreen/ft5x46/ft5x46_ts.c caused by missing checks on the size argument, leading to an OOPS. Impact is a potential...