kernel: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...

GSD-2021-1002469 proc/vmcore: fix clearing user buffer by properly using clear_user()

proc/vmcore: fix clearing user buffer by properly using clearuser This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.83 by commit...

GSD-2021-1002409 proc/vmcore: fix clearing user buffer by properly using clear_user()

proc/vmcore: fix clearing user buffer by properly using clearuser This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.219 by commit...

GSD-2021-1002387 proc/vmcore: fix clearing user buffer by properly using clear_user()

proc/vmcore: fix clearing user buffer by properly using clearuser This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.257 by commit...

GSD-2021-1002370 proc/vmcore: fix clearing user buffer by properly using clear_user()

proc/vmcore: fix clearing user buffer by properly using clearuser This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.292 by commit...

Input validation

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...

UVI-2021-1001083 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer

x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...

MGASA-2021-0175 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.27 and fixes at least the following security issues: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain...

Memory corruption

In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHODNEITHER results in arbitrary memory dereferencing...

CVE-2021-27203

CVE-2021-27203 affects Dekart Private Disk 2.15, where invalid use of the Type3 user buffer for IOCTL codes using METHOD_NEITHER leads to arbitrary memory dereferencing. The description notes a memory corruption type vulnerability with local impact (attack vector likely local). The Connected docu...

kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation

A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space...

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

-------------------------------------------------------------------------- Debian Security Advisory DSA 197-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2002 http://www.debian.org/security/faq -...