Red Hat Security Advisory 2019-0512-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a null pointer vulnerability.
1451691e0284d55d254470a989d53edadbc75afa9840e9eec35ddffa84fe977bRed Hat Security Advisory 2019-0514-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a memory corruption vulnerability.
3f0f9d35808131f8cb4577f70c6be964e326c354f13872d8e92c28aeb087ca2aUbuntu Security Notice 3847-3 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
88ddcb277ba792306a56a051e1a6ea3b2df9a11ba6f4d4f0bb790bd6664c4b64It was discovered that an integer overflow vulnerability existed in the CDRom driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
054a56994c9bd62549cd29e0464ca1a0a7be22a3004cc645c80c0b65070bbdc0Ubuntu Security Notice 3847-2 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
f686a26622bf753cbbb760351f7a2649c795917011883eab629db03a6b1b546fUbuntu Security Notice 3847-1 - It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ab186e3e3caa72822140697919f42bea4149fc7ebd5e687a8c7c58306f58d45eUbuntu Security Notice 3835-1 - Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Jann Horn discovered that the mremap system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service , expose sensitive information, or possibly execute arbitrary code. Various other issues were also addressed.
0d98e117a7daeada246e248b8dd8991176e44f3691e448cdd5919caf358556aaUbuntu Security Notice 3832-1 - Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Jann Horn discovered that the mremap system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service , expose sensitive information, or possibly execute arbitrary code. Various other issues were also addressed.
b57e39d7a6b2621e28ea09c25523ef6ffe045219afabe19ad27f96586c416cd1The Linux BPF verifier has an issue where 32-bit RSH verification does not truncate input before the ALU op.
bd63997ae2acb84be7a1e8de8677be40bfb12f314579a9e60ee98b321c11a3a0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed