Ubuntu Security Notice 4093-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
c0b6be2dc1ffa0bcd5add84b3fac57dfUbuntu Security Notice 4095-1 - Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
ff726cc76288b070879d39966cb18209Ubuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
3b73671d729375d8de90582cb3d31f24Red Hat Security Advisory 2019-2411-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
db66a27f852a52baa108fabfac35e8d7Red Hat Security Advisory 2019-2405-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
d0c6124bb4ce80f52013703fac6b4127Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
dcc164dee87e520c21919a34673ad54bDebian Linux Security Advisory 4484-1 - Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios.
492216f4fa5e3ebcc3b8f8c6ba353108Linux suffers from broken permission and object lifetime handling for PTRACE_TRACEME.
91c78e7e5a824d9c7ed235f47eecb190
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed