1072 matches found
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3640)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3640 advisory. - selinux: fix off-by-one in setprocattr Stephen Smalley Orabug: 27001717 CVE-2017-2618 CVE-2017-2618 CVE-2017-2618 - sysctl: Drop reference added ...
Unbreakable Enterprise kernel security update
4.1.12-103.9.4 - thp: run vmaadjusttranshuge outside immaprwsem Kirill A. Shutemov Orabug: 27026180 4.1.12-103.9.3 - selinux: fix off-by-one in setprocattr Stephen Smalley Orabug: 27001717 CVE-2017-2618 CVE-2017-2618 CVE-2017-2618 - sysctl: Drop reference added by grabheader in procsysreaddir Zho...
CVE-2016-10089
A vulnerability was found in Nagios 4.2.4, and earlier, which allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. Mitigation This flaw, and others like it, are mitigated by enabling hardlink and symlink protections. These...
Ubuntu: Security Advisory (USN-3422-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3422-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3422-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...
USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...
USN-3422-1: Linux kernel vulnerabilities
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...
USN-3422-1 linux vulnerabilities
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...
openstack-neutron: iptables not active after update
A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an...
USN-3361-1: Linux kernel (HWE) vulnerabilities
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu...
USN-3361-1 linux-hwe vulnerabilities
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu...
openSUSE Security Update : lynis (openSUSE-2017-705)
This update for lynis fixes the following issues : Lynis 2.5.1 : - Improved detection of SSL certificate files - Minor changes to improve logging and results - Firewall tests: Determine if CSF is in testing mode The Update also includes changes from Lynis 2.5.0 : - CVE-2017-8108: symlink attack m...
PT-2022-5917 · Linux +10 · Linux Kernel +10
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a stack overflow flaw in the Linux kernel's SYSCTL subsystem, which occurs when a user changes certain kernel parameters and variables. This flaw can be exploit...
openSUSE Security Update : qemu (openSUSE-2017-349)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...
Null pointer dereference
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service NULL pointer dereference and panic via a sysctl call with a path starting with 10,9...
CVE-2016-6350
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service NULL pointer dereference and panic via a sysctl call with a path starting with 10,9...
CVE-2016-6350
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service NULL pointer dereference and panic via a sysctl call with a path starting with 10,9...
CVE-2016-6350
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service NULL pointer dereference and panic via a sysctl call with a path starting with 10,9...
USN-3208-2 linux-lts-xenial vulnerabilities
USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI block layer in the Linux kernel did not proper...
USN-3208-1 linux, linux-snapdragon vulnerabilities
It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...