1904 matches found
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0018) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote OracleVM system is missing necessary patches to address critical security updates : - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721935 CVE-2019-11091 - x86/microcode: Add loader version file in debugfs Boris Ostrovsky Orabug: 29754165 - x86/microcode:...
openSUSE Security Update : udisks2 (openSUSE-2019-834)
This update for udisks2 fixes the following issues : Following security issues was fixed : - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed : - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error f...
PT-2019-5663 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.1 Description: The issue is related to a memory leak error in the register queue kobjects function, located in net/core/net-sysfs.c, which can cause a denial of service. This can be exploited by a remote...
Fedora 28 : 2:docker-latest (2019-723711c645)
Resolves: 1666565, 1667625 - CVE-2018-20699 - Resolves: 1663068, 1667626 - umount all procfs and sysfs with --no-pivot - built docker @projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43 ---- Resolves: 1598581, 1598582 - CVE-2018-10892 Note...
Fedora 29 : 2:docker-latest (2019-f5b57646b7)
Resolves: 1666565, 1667625 - CVE-2018-20699 - Resolves: 1663068, 1667626 - umount all procfs and sysfs with --no-pivot - built docker @projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43 Note that Tenable Network Security has extracted the...
Fedora 28 : 2:docker (2019-901feba171)
Resolves: 1666565, 1666566 - CVE-2018-20699 - Resolves: 1663068, 1667622 - umount all procfs and sysfs with --no-pivot - built docker @projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43 Note that Tenable Network Security has extracted the...
Unbreakable Enterprise kernel security update
2.6.39-400.305.1 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059185 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 25059185 CVE-2016-3841 - scsi: qla2xxx: Fix an integer overflow in sysfs code Dan Carpenter Orabug: 28220492...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.29.1 - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059183 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 2505918...
Unbreakable Enterprise kernel security update
4.14.35-1818.4.5 - x86/intel/spectrev2: Remove unnecessary retpcompiler test Boris Ostrovsky Orabug: 28814574 - x86/intel/spectrev4: Deprecate specstorebypassdisable=userspace Boris Ostrovsky Orabug: 28814574 - x86/speculation: x86specctrlset needs to be called unconditionally Boris Ostrovsky...
kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c
Memory leak in the sassmpgetphyevents function in drivers/scsi/libsas/sasexpander.c in the Linux kernel allows local users to cause a denial of service kernel memory exhaustion via multiple read accesses to files in the /sys/class/sasphy directory...
Security update for udisks2 (moderate)
This update for udisks2 fixes the following issues: Following security issues was fixed: - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed: - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error for...
SUSE-SU-2018:3278-1 Security update for udisks2
This update for udisks2 fixes the following issues: Following security issues was fixed: - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed: - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error for...
CVE-2018-5841
dcccurrlist is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...
CVE-2017-13307
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...
CVE-2017-13307
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...
Privilege escalation
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...
UBUNTU-CVE-2017-13307
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...
CVE-2017-13307
CVE-2017-13307 is an elevation of privilege in the Upstream kernel PCI sysfs exposed on Android devices. Affected: Android kernel components implementing pci sysfs. Root cause: unspecified in the provided details, described as a privilege-escalation vulnerability. Impact: elevation of privileges ...
CVE-2017-13307
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...
Race condition
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs...