[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4266-1 linux -- linux

ID: oval:org.secpod.oval:def:603479Date: (C)2018-08-07   (M)2024-01-29
Class: PATCHFamily: unix




Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-5390 Juha-Matti Tilli discovered that a remote attacker can trigger the worst case code paths for TCP stream reassembly with low rates of specially crafted packets leading to remote denial of service. CVE-2018-13405 Jann Horn discovered that the inode_init_owner function in fs/inode.c in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.

Platform:
Debian 9.x
Product:
linux-image-4.9
linux-headers-4.9
hyperv-daemons
libcpupower-dev
usbip
libusbip-dev
linux-compiler-gcc-6-x86
linux-cpupower
linux-doc-4.9
linux-kbuild-4.9
linux-libc-dev
linux-manual-4.9
linux-perf-4.9
linux-source-4.9
linux-support-4.9
Reference:
DSA-4266-1
CVE-2018-5390
CVE-2018-13405
CVE    2
CVE-2018-5390
CVE-2018-13405
CPE    2
cpe:/a:linux:linux_image:4.9
cpe:/o:debian:debian_linux:9.x

© SecPod Technologies