Red Hat Security Advisory 2020-2770-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
ee43c207b471fbcf1805943ca8b4013bUbuntu Security Notice 4404-2 - USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Thomas E. Carroll discovered that the NVIDIA Cuda graphics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b5935e1b343dcc6884e352cc5e7dbac4iOS and macOS suffered from a wifi proximity kernel double-free vulnerability in AWDL BSS Steering.
cdd1c47241bd866a69b6c59cc0b23828ASUS Aura Sync version 1.07.71 ene.sys privilege escalation kernel exploit.
dd506cd09fc47f7ec526c55db6959c62Red Hat Security Advisory 2020-2667-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
619d74296257ddec8183027c38f8430fRed Hat Security Advisory 2020-2669-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
d5ddc70fed5a1ef28dbebf02d1f6056dRed Hat Security Advisory 2020-2665-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.
49853faed2a94352fb8dbc5de3961601Red Hat Security Advisory 2020-2664-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
0b051e765c4057b4267b6d1e48f46434Red Hat Security Advisory 2020-2567-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
02bfdd9df261354fac57aba84f1fcb7cThis is a proof of concept exploit that demonstrates the SMBleed remote kernel memory read vulnerability.
158c02865ebd54cc54aad47af76b281dRed Hat Security Advisory 2020-2522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, double free, integer overflow, memory leak, null pointer, and use-after-free vulnerabilities.
89f1f9cf40446f2816ba9234dd52e3deRed Hat Security Advisory 2020-2519-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.
7a27e5e90084fb32e8c414affd1f5227Ubuntu Security Notice 4385-2 - USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family from booting successfully. Additionally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update reverts the microcode update for the Skylake processor family and disables the late loading option on Ubuntu 20.04 LTS. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. Various other issues were also addressed.
e73d5f6c4c88bce23e85bfb3e434f4f6Red Hat Security Advisory 2020-2472-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. An out-of-bounds heap access issue was addressed.
d7395e603bed2f8f943e9ca4150fa619Ubuntu Security Notice 4392-1 - It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could possibly result in arbitrary code execution. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
2a8d26a4c0fc30acb37659ae44687215Ubuntu Security Notice 4388-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
3cd7fbe81c4015ba8baf954c820314b8Ubuntu Security Notice 4391-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
b9a5c4d0b8f881b21288f5e8a866b693Ubuntu Security Notice 4389-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
a93cc4b0befc248853b45d9e0467a27fUbuntu Security Notice 4390-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
f002116a7b317689b84b6b58abae7affUbuntu Security Notice 4393-1 - It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could possibly result in arbitrary code execution. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
1c2083f7dc6855a4a9ae2d20008669a7Ubuntu Security Notice 4387-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
71371ab954b312b6f8dee337cb7072e8Red Hat Security Advisory 2020-2430-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a null pointer vulnerability.
64fb84325f074ce076c7858518bd4d1eRed Hat Security Advisory 2020-2427-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
d8858e44e9d450f8ec83e0c08a33b48aRed Hat Security Advisory 2020-2429-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.
7c78c0ea2fce01bfef663dda2ee1cba1Red Hat Security Advisory 2020-2428-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
642602ae3637bf3ea48231dbdbd76ac9
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed