CVE-2018-1782

IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...

Design/Logic Flaw

IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...

CVE-2018-1782

CVE-2018-1782 affects IBM Spectrum Scale (GPFS) 5.0.1.0 and 5.0.1.1. A local, unprivileged user can trigger a kernel panic on a node running GPFS by either mmap-ing a file stored on a GPFS file system or by executing a crafted file stored on GPFS. IBM’s notices confirm the vulnerability is limite...

CVE-2018-1782

IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...

CVE-2018-11299

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and ...

CVE-2018-11299

CVE-2018-11299 affects CAF WLAN host driver in Android/Linux kernel: when WLAN firmware does not fill the vdev id correctly in stats events, the driver may access an interface array without proper bounds checking, causing invalid memory access and potentially kernel panic or page fault. Connected...

EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1234)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function...

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow a local, unprivileged user to cause a kernel panic (CVE-2018-1782)

Summary IBM Spectrum Scale could allow a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. Vulnerability Details CVEID: CVE-2018-1782 DESCRIPTION:...

CVE-2018-17143

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...

CVE-2018-17142

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call...

CVE-2018-17142

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call...

Watch Out! This New Web Exploit Can Crash and Restart Your iPhone

It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept PoC web page containing an exploit that uses only a few lines of...

PT-2018-13923 · Google · X/Net/Html

Name of the Vulnerable Software and Affected Versions: html package aka x/net/html through 2018-09-17 Description: The issue arises from the mishandling of specific HTML tags, such as , which can lead to a "panic: runtime error" in the inBodyIM function within parse.go during an html.Parse call...

PT-2018-13922 · Google · X/Net/Html

Name of the Vulnerable Software and Affected Versions: html package aka x/net/html through 2018-09-17 Description: The issue arises from the mishandling of specific HTML tags, such as , which can cause a "panic: runtime error" in the parseCurrentToken function within parse.go during an html.Parse...

CVE-2018-17075

The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...

CVE-2018-17075

The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2358-1) (Foreshadow)

This update for the Linux Kernel 3.12.74-606496 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem model V840

Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ V840. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic or denial of service...

Amazon Linux 2 : kernel (ALAS-2018-1051)

An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfsdashrinkinode is called with a NULL bp. This can lead to a system crash and a denial of service.CVE-2018-13094 An issue was...

Amazon Linux AMI : kernel (ALAS-2018-1048)

An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfsdashrinkinode is called with a NULL bp. This can lead to a system crash and a denial of service.CVE-2018-13094 An issue was...