DSA-4266-1 linux -- linuxID: oval:org.secpod.oval:def:603479 | Date: (C)2018-08-07 (M)2024-01-29 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-5390 Juha-Matti Tilli discovered that a remote attacker can trigger the worst case code paths for TCP stream reassembly with low rates of specially crafted packets leading to remote denial of service. CVE-2018-13405 Jann Horn discovered that the inode_init_owner function in fs/inode.c in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.
Product: |
linux-image-4.9 |
linux-headers-4.9 |
hyperv-daemons |
libcpupower-dev |
usbip |
libusbip-dev |
linux-compiler-gcc-6-x86 |
linux-cpupower |
linux-doc-4.9 |
linux-kbuild-4.9 |
linux-libc-dev |
linux-manual-4.9 |
linux-perf-4.9 |
linux-source-4.9 |
linux-support-4.9 |