kernel security and bug fix update

4.18.0-147.8.11.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.8.11 - rebuild, due infrastructure issues last kernel build wasn'...

Product update: Virtuozzo 7.0 Update 12 (7.0.12-328)

The Update 12 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.4.2.vz7.116.6. Vulnerability id: PSBM-96303 Unable to restore LUKS partition from backup if source image format is not specified. Vulnerability id:...

Linux kernel memory leak vulnerability (CNVD-2019-40151)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the komedawbconnectoradd function in...

DEBIAN-CVE-2019-18810

A memory leak in the komedawbconnectoradd function in drivers/gpu/drm/arm/display/komeda/komedawbconnector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service memory consumption by triggering drmwritebackconnectorinit failures, aka CID-a0ecd6fdbf5d...

PT-2019-3982 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.8 Description: The issue is related to a memory leak in the komeda wb connector add function, which can cause a denial of service due to memory consumption. This can be triggered by failures in drm writeback...

kernel security and bug fix update

3.10.0-957.12.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.1 - kernel locking/rwsem: Fix possible missed wakeup Waiman Long 1690323...

Null pointer dereference

When an atomic commit is issued on a writeback panel with a NULL outputlayer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

Microsoft Azure AD Connect Privilege Elevation Vulnerability (4033453)

This host is missing an important security update according to Microsoft Security Advisory 4033453 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

Privilege escalation

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."...

CVE-2017-8613

CVE-2017-8613 concerns Microsoft Azure AD Connect Password writeback. When the password writeback feature is misconfigured during enablement, an attacker could abuse the permission model to reset passwords and gain unauthorized access to arbitrary on‑premises AD privileged user accounts. The vuln...

Microsoft Security Advisory 4033453: Vulnerability in Azure AD Connect Could Allow Elevation of Privilege

The version of Azure Active Directory AD Connect installed on the remote Windows host is prior to 1.1.553.0, and the password writeback setting is enabled. It is, therefore, affected by an elevation of privilege vulnerability due to improper permissions being granted when enabling the password...

Microsoft Issues 'Important' Security Fix for Azure AD Connect

Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory 4033453 was issued Tuesday via Microsoft’s TechNet website for the vulnerabili...

kernel: Null pointer dereference in trace_writeback_dirty_page()

A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at tracewritebackdirtypage, because aiofsbackingdevinfo.dev is 0...

PT-2016-5354 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.4 Description: The issue is related to the trace writeback dirty page implementation in the Linux kernel, which improperly interacts with mm/migrate.c. This can be exploited by local users to cause a denial of...

CentOS 5 : kernel (CESA-2014:1143)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)

An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. CVE-2014-3917, Moderate...