Red Hat Security Advisory 2019-1190-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include CPU related, buffer overflow, information leakage, and use-after-free vulnerabilities.
2f160c5d9f6098b9b18068774d06fe7e3f1c96faf5b19e736ec61ec5c3d26519
Red Hat Security Advisory 2019-1170-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include CPU related, buffer overflow, denial of service, information leakage, and use-after-free vulnerabilities.
51432bd6eb5ada1ac551a25bba574f308ab431b3d8fe6a0e4720220f0f42d17c
Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.
996555da303016be0beb91eec3d479423a2125bf6788c7b59011cb29ba6e0413
Apple Security Advisory 2018-7-23-1 - Security Update 2018-004 El Capitan addresses information leakage vulnerabilities.
8d5d4a0cf1bafff8ea22afa6dccb87b30ebb52e9ca81c76f5d2098f4f3efd6fc
Red Hat Security Advisory 2018-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.
7852e925dd5f5153564fcf9e4a0d1cb0d3d29a3dcb3a7fdea59716c122549f34
Red Hat Security Advisory 2018-2165-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
f561e982de06c9f064253679af839189ef3eca723bb0ec720497d5ecb72fa450
Apple Security Advisory 2018-7-9-4 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address information leakage vulnerabilities.
49ac8c28e452226cd454f927987f600bfbb0a024762057d3093a15b9219c1db2
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.
d714af351ebe0661ff777dd209b5eddccb3e9cea04d0ba77486507fcb340f6d4
Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.
3a1e12e3782c7d4798f3d9810f6fccc5915c7ad2dec33af797f2a9aa81fb5037
Ubuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
c590b91b523cf11805ff800ce0110af67ef149ddc9b9fa08c47b5de15cde5da4
Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
7da0a1087ba0d19f5b16753982535d7adcdc67fada9d245a7c967312fca4844c
Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8512d94bba9cbe7f7683bbee28a609dffc96c7e19622258f64608dca591ae0ec
FreeBSD Security Advisory - A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.
bbc335e62d9fb843edc9e54c223a5d3d9662b7778c54fc3d4e4e9662fe4d3afa
Debian Linux Security Advisory 4232-1 - This update provides mitigations for the "lazy FPU" vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU.
ecd7deca21d0686873a63c4503fef255e8192dbf5a7c7f582012727ce32d5451
Red Hat Security Advisory 2018-1944-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
e4ecf0a030b8d4d1387834b1eedbccf78135f5aa4c8e1b9220099f7243d2b69a
Red Hat Security Advisory 2018-1852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
19ab2687ceb485d0479ff41218a79b7bd4a249b760c23a13683264c202621293