Red Hat Security Advisory 2019-0641-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and use-after-free vulnerabilities.
9059cdcb369bd96cb1c0d25c239372e2e539ff777183cd9b073e46245df44d40Red Hat Security Advisory 2018-3083-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
51bb55b468c741de6d34c15b15988a77197b07fcb781827141ad9999e1700fdcRed Hat Security Advisory 2018-3096-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
7f59a96ea0227aec7452145ed2d1a67c0ed1e187e5b7fdd0814bef1fa260bd64Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.
3a1e12e3782c7d4798f3d9810f6fccc5915c7ad2dec33af797f2a9aa81fb5037Ubuntu Security Notice 3697-2 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
c9a9b6f9415eee0a015beb8e44d16a31b4242d4134fa1daff8f7c2ac1adc0f9dUbuntu Security Notice 3697-1 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
55c8f38eb3a5a5b9ca0719a8cf82aed6fd3c1159902999681470b031b1f5489bUbuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
7da0a1087ba0d19f5b16753982535d7adcdc67fada9d245a7c967312fca4844cRed Hat Security Advisory 2018-1854-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, and null pointer vulnerabilities.
faa3521cba5ea132c14cf1c7356833641996e0d6d030838eba24714f4f797c11Ubuntu Security Notice 3654-2 - USN-3654-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
de22c970ed2387a5b65d9f771bda19a47f769cd6937f436e2540fe3278eafdccUbuntu Security Notice 3654-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
5f261dbe5831c41c0bd4f2b983165daf32e4b78c0ecc0db3052a95ea2f5075e3Ubuntu Security Notice 3656-1 - Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the F2FS implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
a9f3839c7a8545a6f6e3bf93c8de2afcce4efda346b3187919d8f91346066750Debian Linux Security Advisory 4188-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
c04940bd4f6e00821a6373ebaafc1e5cd084607d9b3667203e468f8e5190068aDebian Linux Security Advisory 4187-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
e47605adb85ececbd4ae2974c9376652991663a139c1e597e8d245b3700d48a9Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0. Other versions may also be affected.
f0fc9c0b15f4d208f5ddbd8f5c527f7918efef3e0855ee3238bb91aeec7edb50
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed