Gentoo Linux Security Advisory 201904-6 - Multiple vulnerabilities have been found in GlusterFS, the worst of which could result in the execution of arbitrary code. Versions less than 4.1.8 are affected.
043fd8e80fc0cf57260f877078d16e4c53b33b4af150e6f0c8c6dc52016164d4
Red Hat Security Advisory 2018-3816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include memory disclosure and client-side security problems.
5babb9742f0b837b18016ae6e3fd236587c37fab6420f152508b801587269e6c
Red Hat Security Advisory 2018-3470-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, deserialization, and format string vulnerabilities.
9e8155ff0d32478283821315ef01b373ffb94a7f3e9c04679d7c9bfd1ff773d5
Gentoo Linux Security Advisory 201810-8 - Multiple vulnerabilities have been found in PostgreSQL, the worst which could lead to privilege escalation. Versions less than 10.5 are affected.
debe17bd797552196004c1bd035d68c747b8acf9c1fd29e8fcd59615fb655e2c
Red Hat Security Advisory 2018-2948-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, bypass, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
b5ac1428b03d1ab918a3b26b7b8a361284bcfa618164f1b2afd1b27d505a0549
Red Hat Security Advisory 2018-3083-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
51bb55b468c741de6d34c15b15988a77197b07fcb781827141ad9999e1700fdc
Red Hat Security Advisory 2018-3096-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
7f59a96ea0227aec7452145ed2d1a67c0ed1e187e5b7fdd0814bef1fa260bd64
Red Hat Security Advisory 2018-2607-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, deserialization, local file inclusion, and remote file inclusion vulnerabilities.
1869d3dbb0d19201b396114a7ac010439cd91183d33b11fbfc38ece6f506392a
Red Hat Security Advisory 2018-2608-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, and deserialization vulnerabilities.
dbc1eee9743f4815426c0555b3ae9015f27350b74fb56d7d1bb32c22f9a3a6ae
Red Hat Security Advisory 2018-2566-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a client-side security defense vulnerability.
649f115a5ba63c8d907307cbe47bfc473e9c62f89295c50c0d2cf506f40c295d
Red Hat Security Advisory 2018-2565-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include client-side defense vulnerabilities.
465541ea0c3b67ecdb7640e1849255b472b52b1d12a055c7a628fbee5ef23dc5
Red Hat Security Advisory 2018-2511-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a memory disclosure vulnerability.
4ca4c3db9cbd55205ea2c05acb3d63b066329838d8eabd3c12d93281db527f5f
Ubuntu Security Notice 3744-1 - Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. Various other issues were also addressed.
10c7a46516045ae2ad89d98e1e273b9ca69727a9da14ccba89173432684540ae
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.
d714af351ebe0661ff777dd209b5eddccb3e9cea04d0ba77486507fcb340f6d4
Ubuntu Security Notice 3678-4 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
70613b1dd8bebafbf47b8ff616c76fc30f6a92857dbf198e9f0fbe3db6e8e22f
Ubuntu Security Notice 3678-3 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
cd986165b71b4e1378a506b88fdc3586bf913dc90d9ee4980df28a9ccdd51d32
Ubuntu Security Notice 3678-2 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
a861ba565ba75730506975483096a29474b6446046659bf6e8bc9e3df22fa857
Ubuntu Security Notice 3678-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
e57ad84d6b9ea0b9108c4cf7c2d832048db4d2b4aed6a99107c3c23eb19672ed
Ubuntu Security Notice 3677-2 - USN-3677-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
c1953b1b76f2fb20d0c04031dff7e5d9392ec2f294f04ffe2f9f4493d60089fc
Ubuntu Security Notice 3677-1 - It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. Various other issues were also addressed.
b9917730793499eb901655a084ddb9a923d7d0df94773d6f89265ffa68e26866
Ubuntu Security Notice 3676-2 - USN-3676-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. Various other issues were also addressed.
b4830110117fbba4ebcb3aed886d7a8ee5e4bde656c36861c7100ec0c951e607
Ubuntu Security Notice 3676-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
9eb8e7aa9a0d4aa6ddced7f3c8e17089dc358de41a491f619dde8e9fa99a51e9
Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.
0e3788ff5b92bdb81c16b39e96e620f55d7e00317265a10546173540afa06d71
Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix a regression in the getsockopt() function and to fix two denial-of-service security issues.
1256fc37bd7798ca0038f9ea2c63351eac1f24df934e86d4c82697a7436ab1e3
Debian Linux Security Advisory 4188-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
c04940bd4f6e00821a6373ebaafc1e5cd084607d9b3667203e468f8e5190068a