Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel regression (USN-4660-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4660-2 advisory. USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with...

The vulnerability of the sysctl hugetlbl utility in the Linux operating system allows a hacker to cause a service failure or increase privileges.

The vulnerability of the sysctl hugetlbl utility in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures or elevate privileges...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3513-1)

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remot...

USN-4660-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-14351 It was...

Linux: sysctl kernel.shmall

This parameter sets the total amount of shared memory pages that can be used system wide. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Linux: sysctl kernel.shmmax

This parameter defines the maximum size in bytes of a single shared memory segment that a Linux process can allocate in its virtual address space. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features

A flaw memory disclosure flaw was found in the Linux kernel’s sysctl subsystem in reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality...

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

Important: kernel

Issue Overview: An issue in the HID driver in the Linux kernel may lead to invalid memory access. CVE-2022-20565 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in...

Remote Code Execution (RCE)

linux kernel is vulnerable to remote code execution RCE. The vulnerability exists through a race condition between hugetlb sysctl handlers in mm/hugetlb.c...

USN-4579-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...

USN-4576-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...

Ubuntu: Security Advisory (USN-4579-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4579-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4579-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2020-2176)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

Unbreakable Enterprise kernel security update

4.1.12-124.43.4 - kvm: fix kvmioctlcreatedevice reference counting CVE-2019-6974 Jann Horn Orabug: 29434845 CVE-2019-6974 - KVM: nVMX: unconditionally cancel preemption timer in freenested CVE-2019-7221 Peter Shier Orabug: 29434898 CVE-2019-7221 - KVM: x86: work around leak of uninitialized stack...

Amazon Linux 2 : kernel (ALAS-2020-1495)

The version of kernel installed on the remote host is prior to 4.14.198-152.320. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1495 advisory. In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and...

A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory cause a NULL pointer dereference or possibly have unspecified other impact aka CID-17743798d812.

...