EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1511)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A null pointer dereference in dccpwritexmit function in net/dccp/output.c in the Linux kernel allows a local user to cause a deni...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denia...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1497)

According to the version of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A race condition in the storeintwithrestart function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel allows local...

CentOS 6 : kernel (CESA-2019:0717)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...

Panic after hackers take control of emergency tornado alarms in Texas

By Waqas On March 12th, at around 2:30 a.m., residents of two Texas towns panicked after hearing tornado alarm that went off until 4:00 a.m. They were disturbed because the alarms repeatedly went on and off for about one and a half hours, thanks to hackers - Finally, related authorities were able...

Stack overflow

An issue was discovered in sd-bus in systemd 239. busprocessobject in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to...

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. busprocessobject in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to...

Low: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Virtuozzo 7 : OVMF / anaconda / anaconda-core / anaconda-dracut / etc (VZA-2019-013)

According to the versions of the OVMF / anaconda / anaconda-core / anaconda-dracut / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw was found in createelftables. An unprivileged local user with access...

Ubuntu 16.04 LTS / 18.04 LTS : systemd vulnerability (USN-3891-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3891-1 advisory. It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init...

UBUNTU-CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. busprocessobject in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. bnc1120758. - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed...

USN-3891-1: systemd vulnerability

It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service kernel panic...

USN-3891-1 systemd vulnerability

It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service kernel panic...

Important: systemd

Issue Overview: It was found that busprocessobject in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message. A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the...

SUSE-SU-2019:0298-1 Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9441 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess use wrong back-channel I...

SUSE-SU-2019:0236-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15)

This update for the Linux Kernel 4.12.14-23 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess use wrong back-channel IDs...

CVE-2018-16880

A flaw was found in the Linux kernel's handlerx function in the vhostnet driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the...

Design/Logic Flaw

A flaw was found in the Linux kernel's handlerx function in the vhostnet driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the...