USN-2445-1: Linux kernel (Trusty HWE) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

USN-2444-1: Linux kernel (OMAP4) vulnerabilities

Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service OOPS. CVE-2014-7826 Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a...

OracleVM 2.1 : kernel (OVMSA-2009-0009)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2008-4307 Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC...

USN-2420-1: Linux kernel vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

USN-2416-1: Linux kernel (EC2) vulnerabilities

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

USN-2415-1: Linux kernel vulnerability

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

Ubuntu 14.10 : linux vulnerabilities (USN-2421-1)

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2419-1)

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2420-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2420-1 advisory. A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2417-1)

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2416-1)

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

USN-2359-1: Linux kernel vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM Kerenl Virtual Machine subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service host OS memory corruption or possibly have other unspecified impact on the host OS. CVE-2014-3601 Jason...

RHEL 5 : kernel (RHSA-2014:1143)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

RedHat Update for kernel RHSA-2014:1143-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2333-1)

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Forster reported an error in the Linux kernels syscall auditing on 32 bit...

USN-2333-1: Linux kernel (EC2) vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...