13 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-10902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: MIDI driver race condition leads to a double-free
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0044)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net ...
Oracle Linux 6 : kernel (ELSA-2019-0415)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0415 advisory. 2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change...
USN-3847-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4300)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4300 advisory. - udf: Check component length before reading it Jan Kara Orabug: 21193696 CVE-2014-9728 - udf: Verify isize when loading inode Shan Hai Orabug:...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4299)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4299 advisory. - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2860-1)
This update for the Linux Kernel 4.4.103-9256 fixes several issues. The following security issues were fixed : CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. CVE-2018-1000026:...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
DEBIAN-CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
UBUNTU-CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...