Red Hat Security Advisory 2018-3656-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include an use-after-free vulnerability.
138d3b2eb90b7429ef67ed1169a8e658e887b799fbbaab3eeed73288fade789cUbuntu Security Notice 3777-3 - USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 %LTS. This update provides the corresponding updates for the Linux kernel for Azure Cloud systems. Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
769cc3a35204cab453698f34a6b0570d79e3ff0a88450698a2577c0e6fc6a664It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
1ae6dc1bc4438da330374ea7c963d1a59dd4454020d117a4fef1a28f4474b821Ubuntu Security Notice 3777-2 - USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
19e56ea426f696a74aa692607d87804e67eeaa6dfd9e083466313919a494c760Ubuntu Security Notice 3777-1 - Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
5db6c7887e9651017faced7ba733531733f1515003351691c185c6a854134435Ubuntu Security Notice 3776-2 - USN-3776-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
3a7694cf511ebdcdcfdc1bb423fdbbd2d78e78e72dc14abdc3a315a6c014c11aUbuntu Security Notice 3776-1 - Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
85a539d4dc80cce6215faa6eb351b7170e2643d3239efab5fc20f75531b26f35Debian Linux Security Advisory 4308-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a9488a1ec49d402caeb675f06f2c3bfc5c6485d76c3af54ee57d369cf63de403Linux suffers from a VMA use-after-free vulnerability via a buggy vmacache_flush_all() fastpath.
e61f826cfebf3e7bf6eb9726e31779f1707a0644cc3e2a4e3c0865759d272aceSlackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix a security issue.
0358a67eba3ff69597d603dc152ed4afd6341c0a1cf6ab40e7a173d0a3ec19e2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed