Red Hat Security Advisory 2017-2801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Red Hat Security Advisory 2017-2796-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Red Hat Security Advisory 2017-2793-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Red Hat Security Advisory 2017-2794-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Red Hat Security Advisory 2017-2797-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Red Hat Security Advisory 2017-2798-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Gentoo Linux Security Advisory 201709-27 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.0.8 are affected.
This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
Gentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.
Red Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to a SUID PIE binary could use this flaw to escalate their privileges on the system.
HPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.
Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.
Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.
Software updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.
Gentoo Linux Security Advisory 201709-25 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.100 are affected.
Gentoo Linux Security Advisory 201709-24 - Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected.
Ubuntu Security Notice 3429-1 - Wang Junjie discovered that Libplist incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a crash or denial of service.
Gentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.
Red Hat Security Advisory 2017-2792-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 61.0.3163.100. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
Gentoo Linux Security Advisory 201709-22 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, and IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.141 are affected.
Gentoo Linux Security Advisory 201709-21 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary code. Versions less than 5.6.31:5.6 are affected.
Gentoo Linux Security Advisory 201709-20 - A vulnerability in Postfix may allow local users to gain root privileges. Versions less than 3.1.6 are affected.
Gentoo Linux Security Advisory 201709-19 - A vulnerability in Exim may allow local users to gain root privileges. Versions less than 4.89-r1 are affected.