CVE-2019-20054

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

CVE-2018-5333

In the Linux kernel through 4.14.13, the rdscmsgatomic function in 'net/rds/rdma.c' mishandles cases where page pinning fails or an invalid address is supplied by a user. This can lead to a NULL pointer dereference in rdsatomicfreeop and thus to a system panic...

Security Advisory - Integer Overflow Vulnerability in the Linux Kernel (SACK Panic)

An integer overflow vulnerability was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. A remote attacker could use this to cause a denial of service. Vulnerability ID: HWPSIRT-2019-06130 This vulnerability has been assigned a Common...

Security Bulletin: Multiple vulenerabilities CVE-2019-0205, CVE-2019-0210 in thrift package

Summary Multiple vulenerabilities CVE-2019-0205, CVE-2019-0210 in thrift package Vulnerability Details CVEID: CVE-2019-0205 DESCRIPTION: In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue...

RancherOS < 1.5.3 Multiple Vulnerabilities (SACK Panic)

The remote host is running a version of RancherOS prior to v1.5.3, hence is exposed to multiple vulnerabilities: - Linux Kernel is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. CVE-2019-11477 - RancherOS is vulnerable t...

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

macOS 10.14.6 18G87 - Kernel Use-After-Free due to Race Condition in waitfornamespaceevent The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which unconditionally fre...

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20191205)

Security Fixes : - Kernel: KVM: OOB memory access via mmio ring buffer CVE-2019-14821 - kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation CVE-2019-15239 Bug Fixes : - On SL 7.7 kernel SCSI VPD information for NVMe drives is missing breaks...

EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-2529)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.CVE-2019-16276 - Go before 1.12.11 and 1.3.x before 1.13.2 can panic upo...

Elastic Stack 7.5.0 security update

Metricbeat and Filebeat DSA public key panic ESA-2019-15 A denial of service flaw when parsing malformed DSA public keys was discovered in Go, the language used to implement Beats. If Metricbeat or Filebeat are configured to accept incoming TLS connections with client authentication enabled, a...

openSUSE Security Update : go1.12 (openSUSE-2019-2521)

This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-16276: Fixed the handling of invalid HTTP headers, which had allowed request smuggling bsc1152082. - CVE-2019-17596: Fixed a panic in dsa.Verify caused by invalid public keys bsc1154402. Non-security issue fixe...

Security update for go1.12 (moderate)

openSUSE Security Update: Security update for go1.12 Announcement ID: openSUSE-SU-2019:2522-1 Rating: moderate References: 1141689 1152082 1154402 Cross-References: CVE-2019-16276 CVE-2019-17596 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is...

Security update for go1.12 (moderate)

openSUSE Security Update: Security update for go1.12 Announcement ID: openSUSE-SU-2019:2521-1 Rating: moderate References: 1141689 1152082 1154402 Cross-References: CVE-2019-16276 CVE-2019-17596 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and has one errata is...

OPENSUSE-SU-2019:2522-1 Security update for go1.12

This update for go1.12 fixes the following issues: Security issues fixed: - CVE-2019-16276: Fixed the handling of invalid HTTP headers, which had allowed request smuggling bsc1152082. - CVE-2019-17596: Fixed a panic in dsa.Verify caused by invalid public keys bsc1154402. Non-security issue fixed:...

CVE-2019-18680

A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module that is loaded through an autoload via a local process running listen, or manual loading, could possibly cause a kernel panic. Mitigation While this is a network protocol being...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exceptio...

SUSE-SU-2019:2940-1 Security update for go1.12

This update for go1.12 fixes the following issues: Security issues fixed: - CVE-2019-16276: Fixed the handling of invalid HTTP headers, which had allowed request smuggling bsc1152082. - CVE-2019-17596: Fixed a panic in dsa.Verify caused by invalid public keys bsc1154402. Non-security issue fixed:...

CVE-2018-1092

The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4processfreeddata function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic...

kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call

A flaw was found in the PowerPc platform, where the kernel will panic if the transactional memory is disabled. An attacker could use this flaw to panic the system by constructing a signal context through the transactional memory MSR bits set...

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...