CVE-2026-46182

A flaw was found in the Linux kernel, specifically within the pseries/papr-hvpipe module. This vulnerability could allow a local user to gain access to uninitialized kernel stack memory. The issue arises because certain padding bytes in a data structure are not cleared before being sent to...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android suffers from a security vulnerability that stems from allowing uninitialized kernel memory to be returned to user space...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5962)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5962 advisory. - drm/vmwgfx: Make sure backuphandle is always valid Sinclair Yeh Orabug: 31352076 CVE-2017-9605 - random32: move the pseudo-random 32-bit...

CVE-2019-19535

A flaw was found in the Linux kernel’s implementation of the Peak CANBUS USB device driver. An information leak caused by the device could allow a local attacker to possibly gain private information from uninitialized kernel memory...

CVE-2017-16994

The walkhugetlbrange function in 'mm/pagewalk.c' file in the Linux kernel from v4.0-rc1 through v4.15-rc1 mishandles holes in hugetlb ranges. This allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

CVE-2017-16994

The walkhugetlbrange function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

CVE-2017-16994

The walkhugetlbrange function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

CVE-2017-9605

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

Buffer overflow

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

CVE-2017-9605

CVE-2017-9605 affects the Linux kernel (up to and including 4.11.4) via the vmw_gb_surface_define_ioctl path (DRM_IOCTL_VMW_GB_SURFACE_CREATE) in vmwgfx_surface.c. The defect is that backup_handle is defined but not initialized, so when creating a GB surface with a previously allocated DMA buffer...

CVE-2017-9605

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

OracleVM 2.2 : kernel (OVMSA-2009-0033)

The remote OracleVM system is missing necessary patches to address critical security updates : - security require root for mmapminaddr Eric Paris 518142 518143 CVE-2009-2695 - md prevent crash when accessing suspend sysfs attr Danny Feng 518135 518136 CVE-2009-2849 - nfs knfsd: fix NFSv4 OEXCL...

kernel security and bug fix update

2.6.9-89.0.15.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...

DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...