Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerability (USN-3035-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3035-3 advisory. USN-3035-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel...

USN-3037-1 linux-lts-vivid vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

USN-3036-1 linux-lts-utopic vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

USN-3036-1: Linux kernel (Utopic HWE) vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

USN-3035-3 linux-lts-wily vulnerability

USN-3035-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving...

USN-3035-3: Linux kernel (Wily HWE) vulnerability

USN-3035-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving...

USN-3035-2: Linux kernel (Raspberry Pi 2) vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

PT-2016-3144 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.6.1 Description: The issue is related to the ring buffer resize function in the kernel's profiling subsystem, which mishandles certain integer calculations. This can be exploited by local users to gain...

UBUNTU-CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

Fedora 23 : xen-4.5.1-9.fc23 (2015-28cfce6702)

ui/vnc: limit clientcuttext msg payload size CVE-2015-5239 1259504, e1000: Avoid infinite loop in processing transmit descriptor CVE-2015-6815 1260224, net: add checks to validate ring buffer pointers CVE-2015-5279 1263278, net: avoid infinite loop when receiving packets CVE-2015-5278 1263281, qe...

openSUSE Security Update : the Linux Kernel (openSUSE-2015-301)

The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed : - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could have...

Security update for the Linux Kernel (important)

The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed: - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could have...

CVE-2011-4080

The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...

kernel: sysctl: restrict write access to dmesg_restrict

The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...

PT-2012-1800 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges. This can be demonstrated by a root user in a Linux Container...