kernel: userfaultfd bypasses tmpfs file permissions

A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Kernel security update: Virtuozzo ReadyKernel patch 71.0 for Virtuozzo 7.0.6 to 7.0.8 HF1 and Virtuozzo Infrastructure Platform 2.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6 to 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1 and 3.10.0-862.20.2.vz7.73.24 Virtuozzo Infrastructure Platform 2.5...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0002)

The remote OracleVM system is missing necessary patches to address critical security updates : - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug:...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0222-1) (Spectre)

The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-19407: The vcpuscanioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service NULL pointer dereference and BUG via...

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2019:0163 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Unbreakable Enterprise kernel security update

4.1.12-124.24.5 - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug: 28127993 - net: rds: fix excess initialization of the recv SGEs Zhu Yanjun Orabug...

RHEL 7 : kernel (RHSA-2019:0202)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0202 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userfaultfd bypasses tmpfs file...

RHEL 7 : kernel (RHSA-2019:0163)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0163 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Use-after-free due to race...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20190129)

Security Fixes : - kernel: Use-after-free due to race condition in AFPACKET implementation CVE-2018-18559 - kernel: userfaultfd bypasses tmpfs file permissions CVE-2018-18397 Bug Fixes : See the descriptions in the related Knowledge Article : C Tenable Network Security, Inc. The descriptive text ...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: userfaultfd bypasses tmpfs file permissions

A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...

kernel security, bug fix, and enhancement update

3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-65)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-19407: The vcpuscanioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service NULL pointer dereference and BUG via crafted system cal...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:0065-1 Rating: important References: 1024718 1046299 1050242 1050244 1051510 1055121 1055186 1058115 1060463 1065729 1078248 1079935 1082387 1083647 1086282 1086283 1086423 1087978 1088386 1090888...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.89 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the Intel...

Linux kernel userfaultfd tmpfs file permission bypass vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the implementation of userfaultfd in versions of Linux kernel prior to 4.19.7, which stems from a program's failure to properly hand...

Linux - userfaultfd Bypasses tmpfs File Permissions

Linux - userfaultfd Bypasses tmpfs File Permissions Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This means that it...

Linux - userfaultfd Bypasses tmpfs File Permissions Exploit

Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This means that it is, for example, possible to register userfaulfd...

Linux - 'userfaultfd' Bypasses tmpfs File Permissions

Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This means that it is, for example, possible to register userfaulfd...