DSA-4313-1 linux -- linuxID: oval:org.secpod.oval:def:603541 | Date: (C)2018-10-09 (M)2024-04-17 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-15471 Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. A malicious or buggy frontend may cause the backend to make out of bounds memory accesses, potentially resulting in privilege escalation, denial of service, or information leaks. https://xenbits.xen.org/xsa/advisory-270.html CVE-2018-18021 It was discovered that the KVM subsystem on the arm64 platform does not properly handle the KVM_SET_ON_REG ioctl. An attacker who can create KVM based virtual machines can take advantage of this flaw for denial of service or privilege escalation .
Product: |
linux-image-4.9 |
linux-headers-4.9 |
hyperv-daemons |
libcpupower-dev |
usbip |
libusbip-dev |
linux-compiler-gcc-6-x86 |
linux-cpupower |
linux-doc-4.9 |
linux-kbuild-4.9 |
linux-libc-dev |
linux-manual-4.9 |
linux-perf-4.9 |
linux-source-4.9 |
linux-support-4.9 |