oval:org.secpod.oval:def:2000497 In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
oval:org.secpod.oval:def:2000175 ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem.
oval:org.secpod.oval:def:2000590 ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem.
oval:org.secpod.oval:def:52509 linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Origi ...
oval:org.secpod.oval:def:52750 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Details: USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Linux Mint 17.x LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. Th ...
oval:org.secpod.oval:def:52477 linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes th ...
oval:org.secpod.oval:def:52370 linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: USN-2447-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original a ...
oval:org.secpod.oval:def:52715 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Details: USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Linux Mint 17.x LTS. An incorrect locking fix caused a regression that broke graphics displays for Linux Mint 17.x LTS guests running the ...
oval:org.secpod.oval:def:2000027 An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kern ...
oval:org.secpod.oval:def:2000225 In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel co ...
oval:org.secpod.oval:def:23977 linux-image 3.16 series is installed
oval:org.secpod.oval:def:52502 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:2001525 In all android releases from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic.
oval:org.secpod.oval:def:2001609 In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ...
oval:org.secpod.oval:def:2000878 ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service via a crafted ntfs filesystem.
oval:org.secpod.oval:def:2000167 procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower P ...
oval:org.secpod.oval:def:2001431 The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerabilit ...
oval:org.secpod.oval:def:602952 The security update announced as DSA-3886-1 caused regressions for some applications using Java - including jsvc, LibreOffice and Scilab - due to the fix for CVE-2017-1000364. Updated packages are now available to correct this issue. For reference, the relevant part of the original advisory text fol ...
oval:org.secpod.oval:def:702620 linux: Linux kernel Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory The system could be made to cr ...
oval:org.secpod.oval:def:702615 linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Origi ...
oval:org.secpod.oval:def:702606 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:702604 linux: Linux kernel The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:702553 linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes th ...
oval:org.secpod.oval:def:702556 linux: Linux kernel Details: USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenien ...
oval:org.secpod.oval:def:703044 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Details: USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This ...
oval:org.secpod.oval:def:702997 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Details: USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubunt ...
oval:org.secpod.oval:def:38255 A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capab ...
oval:org.secpod.oval:def:703117 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:702712 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:2001414 The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
oval:org.secpod.oval:def:52483 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52597 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:702562 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702566 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702783 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:52551 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:602246 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, unauthorised information disclosure or unauthorised information modification. CVE-2015-2925 Jann Horn discovered that when a subdirectory of a filesystem was bind-mounted into ...
oval:org.secpod.oval:def:703181 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52795 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:703205 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:52772 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:602604 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-5696 Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, and Srikanth V. Krishnamurthy of the University of California, Riverside; and Lisa M. Marvel ...
oval:org.secpod.oval:def:36753 The host is installed with Linux Kernel on Ubuntu 12.04, 14.04 and 16.04 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to hijack TCP sessions.
oval:org.secpod.oval:def:36752 net/ipv4/tcp_input.c in the Linux kernel through 0:3.16.7-ckt25-2+deb8u3 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack.
oval:org.secpod.oval:def:52787 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602648 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8956 It was discovered that missing input sanitising in RFCOMM Bluetooth socket handling may result in denial of service or information leak. CVE ...
oval:org.secpod.oval:def:602552 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-9904 It was discovered that the snd_compress_check_input function used in the ALSA subsystem does not properly check for an integer overflow, all ...
oval:org.secpod.oval:def:2001621 In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
oval:org.secpod.oval:def:703158 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52781 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:2000802 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
oval:org.secpod.oval:def:46445 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
oval:org.secpod.oval:def:2001023 A flaw was found in the Linux kernel in the function hid_debug_events_read in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user can cause a system lock up and a denial of service. Versions from v4.18 and newer are ...
oval:org.secpod.oval:def:43398 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ...
oval:org.secpod.oval:def:52624 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:702864 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:52638 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:52518 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602236 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2015-0272 It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs, without sufficiently validating these values. A remote att ...
oval:org.secpod.oval:def:702683 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52658 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52538 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702834 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash under certain conditions.
oval:org.secpod.oval:def:702679 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702827 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52438 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702897 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702641 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602276 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. CVE-2015-5307 Ben Serebrin from Google discovered a guest to host denial of service flaw affecting the KVM hypervisor. A malicious guest can trigger an infinite stream of "alignment check" ...
oval:org.secpod.oval:def:52606 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702803 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702638 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52619 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52466 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:602074 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-8159 It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly sanitize input parameters while registering memory regions f ...
oval:org.secpod.oval:def:52499 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52428 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:702537 linux: Linux kernel The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:702525 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to run programs as an administrator.
oval:org.secpod.oval:def:702595 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702598 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52468 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602172 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2015-3290 Andy Lutomirski discovered that the Linux kernel does not properly handle nested NMIs. A local, unprivileged user could use this flaw for privilege escalation. ...
oval:org.secpod.oval:def:52529 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702530 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702657 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:24343 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:2000719 Missing access_ok checks in IOCTL function
oval:org.secpod.oval:def:2000635 An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary content beyond the data regi ...
oval:org.secpod.oval:def:2000324 A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service by triggering vfs_read failures.
oval:org.secpod.oval:def:2000292 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device that is mishandled in usb_audio_probe in sound/usb/card.c.
oval:org.secpod.oval:def:50966 In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
oval:org.secpod.oval:def:2001012 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
oval:org.secpod.oval:def:2000558 KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
oval:org.secpod.oval:def:2000173 The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. Limited remote exploitation may be possible, as demonstrated by la ...
oval:org.secpod.oval:def:702508 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702506 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:2000100 KVM: x86: work around leak of uninitialized stack contents
oval:org.secpod.oval:def:2000582 An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
oval:org.secpod.oval:def:2000668 USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
oval:org.secpod.oval:def:43396 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ...
oval:org.secpod.oval:def:57841 A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel.
oval:org.secpod.oval:def:2001338 A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a ...
oval:org.secpod.oval:def:2000418 Heap data infoleak in multiple locations including function l2cap_parse_conf_rsp
oval:org.secpod.oval:def:2000354 Heap address infoleak in use of l2cap_get_conf_opt
oval:org.secpod.oval:def:52451 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:54760 An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
oval:org.secpod.oval:def:45697 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load and Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the ...
oval:org.secpod.oval:def:43397 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ...
oval:org.secpod.oval:def:2001105 An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode is called with a NULL bp.
oval:org.secpod.oval:def:2000804 ** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator when the global OO ...
oval:org.secpod.oval:def:2000568 The acpi_ns_evaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted ACPI ...
oval:org.secpod.oval:def:2001420 The acpi_ns_terminate function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted ACPI t ...
oval:org.secpod.oval:def:602945 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-0605 A buffer overflow flaw was discovered in the trace subsystem. CVE-2017-7487 Li Qiang reported a reference counter leak in the ipxitf_ioctl f ...
oval:org.secpod.oval:def:603111 Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks. CVE-2017-7518 Andy Lutomirski discovered that KVM is prone to an incorrect debug exception error occurring while emulating a syscall instruction. A process ...
oval:org.secpod.oval:def:603232 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read m ...
oval:org.secpod.oval:def:2000964 An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are f ...
oval:org.secpod.oval:def:2000613 The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service via a crafted xfs image.
oval:org.secpod.oval:def:2000426 An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
oval:org.secpod.oval:def:52415 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:603396 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ...
oval:org.secpod.oval:def:603061 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-9940 A use-after-free flaw in the voltage and current regulator driver could allow a local user to cause a denial of service or potentially escal ...
oval:org.secpod.oval:def:2001074 The acpi_ps_complete_final_op function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis ...
oval:org.secpod.oval:def:2001558 The acpi_ds_create_operands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a craft ...
oval:org.secpod.oval:def:2000757 Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass ...
oval:org.secpod.oval:def:52586 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:602324 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. CVE-2015-7513 It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of service. C ...
oval:org.secpod.oval:def:703024 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52755 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. CVE-2015-1333 Colin Ian King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user can exploit this flaw to cause ...
oval:org.secpod.oval:def:52648 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52769 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602340 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service. CVE-2013-4312 Tetsuo Handa discovered that it is possible for a process to open far more files than the process' limit leading to denial-of-service conditions. CVE-2015-7566 ...
oval:org.secpod.oval:def:702950 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602779 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-6786 / CVE-2016-6787 It was discovered that the performance events subsystem does not properly manage locks during certain migrations, allowing ...
oval:org.secpod.oval:def:602801 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle #BP and #OF exceptions in an L2 virtu ...
oval:org.secpod.oval:def:602404 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ...
oval:org.secpod.oval:def:52674 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:52711 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702931 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:703104 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:602315 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-7446 Dmitry Vyukov discovered that a particular sequence of valid operations on local sockets can result in a use-after-free. This may ...
oval:org.secpod.oval:def:703051 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52685 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702764 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator.
oval:org.secpod.oval:def:602546 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-7515, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140 Ralf Spenneberg of O ...
oval:org.secpod.oval:def:702991 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52737 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:702879 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:52362 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:603383 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer. On a system with a driver using blk-mq, a local user might be able to us ...