286 matches found
UBUNTU-CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOT...
CVE-2017-5551
A vulnerability was found in the Linux kernel in the 'tmpfs' file system. When file permissions are modified via 'chmod' and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via 'setxattr' sets the file permissions as well as...
[SECURITY] Fedora 23 Update: xguest-1.0.10-33.fc23
Installing this package sets up the xguest user to be used as a temporary account to switch to or as a kiosk user account. The account is disabled unless SELinux is in enforcing mode. The user is only allowed to log in via graphical login program. The home and temporary directories of the user...
Oracle: Security Advisory (ELSA-2008-0885)
The remote host is missing an update for the...
RHEL 6 : MRG (RHSA-2013:0829)
Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
openSUSE Security Update : inn (openSUSE-SU-2012:1171-1)
fix starttls command injection issue (CVE-2012-3523, bnc#776967) - handle /var/run on tmpfs (bnc#778439). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-600. The text description of...
openSUSE Security Update : kernel (openSUSE-SU-2013:0824-1)
The Linux kernel was updated to kernel 3.4.42, fixing various bugs and security issues. - Refresh patches.suse/SUSE-bootsplash. Fix bootsplash breakage due to stable fix (bnc#813963) - Linux 3.4.39. - kABI: protect struct tracer. - Linux 3.4.38 (bnc#808829, CVE-2013-0913). -...
openSUSE Security Update : kernel (openSUSE-SU-2013:0847-1)
The openSUSE 12.1 kernel was updated to fix a severe security issue and various bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2523)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-2523 advisory. - block: default SCSI command filter does not accommodate commands overlap across device classes Jamie Iles Orabug: 16387137 CVE-2012-4542 - KVM: x86: Conver...
kernel: security and bugfix update (important)
The openSUSE 12.1 kernel was updated to fix a severe security issue and various bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted...
RHEL 6 : kernel (RHSA-2013:0882)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores...
Kernel: tmpfs: fix use-after-free of mempolicy object
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores...
Kernel: tmpfs: fix use-after-free of mempolicy object
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.23.1 - Parallel mtrr init between cpus Zhenzhong Duan Orabug: 16777774 - Merge tag 'v2.6.39-400.21.1.16748891' of git://ca-git.us.oracle.com/linux-uek-2.6.39-ofed into uek-2.6.39-400 Maxim Uvarov Orabug: 16748891 - xen-blkfront: use a different scatterlist for each request Roger Pau...
CentOS 6 : kernel (CESA-2013:0744)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2013:0744 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...
Unbreakable Enterprise kernel Security update
2.6.39-400.21.2 - KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache functions CVE-2013-1797 Andy Honig Orabug: 16711660 CVE-2013-1797 - Bluetooth: Fix incorrect strncpy in hidp_setup_hid Anderson Lizardo Orabug: 16711065 CVE-2013-0349 - USB: io_ti: Fix NULL dereference in chase_port Wolfgang...
RHEL 6 : kernel (RHSA-2013:0744)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0744 advisory. Security: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel...
Kernel: tmpfs: fix use-after-free of mempolicy object
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option...