Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:251870
[Eng]
Version
1
Class
patch
ALTXid
482642
Language
Russian
Severity
Medium
Title
PHSA-2016-0007 -- обновление безопасности Photon OS для linux
Description
Updates of linux packages of Photon OS have been released.
Family
unix
Platform
VMware Photon OS 1.0
Product
linux
Reference
VENDOR: PHSA-2016-0007
VENDOR: PHSA-2016-0007
Id:
PHSA-2016-0007
Reference:
https://github.com/vmware/photon/wiki/Security-Update-1.0-7
CVE: CVE-2016-4569
CVE: CVE-2016-4569
Id:
CVE-2016-4569
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4569
Comment
: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e (CONFIRM)
https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e (CONFIRM)
[oss-security] 20160509 Re: CVE Request: kernel information leak vulnerability in Linux sound module (MLIST)
https://bugzilla.redhat.com/show_bug.cgi?id=1334643 (CONFIRM)
USN-3017-2 (UBUNTU)
USN-3018-2 (UBUNTU)
USN-3016-4 (UBUNTU)
USN-3016-1 (UBUNTU)
USN-3016-2 (UBUNTU)
USN-3016-3 (UBUNTU)
USN-3018-1 (UBUNTU)
USN-3019-1 (UBUNTU)
USN-3017-3 (UBUNTU)
USN-3020-1 (UBUNTU)
USN-3017-1 (UBUNTU)
USN-3021-1 (UBUNTU)
USN-3021-2 (UBUNTU)
SUSE-SU-2016:1672 (SUSE)
SUSE-SU-2016:1696 (SUSE)
SUSE-SU-2016:1690 (SUSE)
SUSE-SU-2016:1937 (SUSE)
DSA-3607 (DEBIAN)
SUSE-SU-2016:1985 (SUSE)
openSUSE-SU-2016:1641 (SUSE)
openSUSE-SU-2016:2184 (SUSE)
90347 (BID)
SUSE-SU-2016:2105 (SUSE)
RHSA-2016:2584 (REDHAT)
RHSA-2016:2574 (REDHAT)
CVE: CVE-2017-15102
CVE: CVE-2017-15102
Id:
CVE-2017-15102
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15102
Comment
: The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
CVSSv2 Score:
6.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.3
Attack vector:
PHYSICAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://github.com/torvalds/linux/commit/2fae9e5a7babada041e2e161699ade2447a01989 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1505905 (CONFIRM)
http://seclists.org/oss-sec/2017/q4/238 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2fae9e5a7babada041e2e161699ade2447a01989 (CONFIRM)
101790 (BID)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
CVE: CVE-2015-8839
CVE: CVE-2015-8839
Id:
CVE-2015-8839
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8839
Comment
: Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling.
CVSSv2 Score:
1.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
5.1
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (CONFIRM)
[oss-security] 20160401 Re: ext4 data corruption due to punch hole races (MLIST)
85798 (BID)
1035455 (SECTRACK)
USN-3005-1 (UBUNTU)
USN-3006-1 (UBUNTU)
USN-3007-1 (UBUNTU)
RHSA-2017:1842 (REDHAT)
RHSA-2017:2077 (REDHAT)
RHSA-2017:2669 (REDHAT)
https://bugzilla.redhat.com/show_bug.cgi?id=1323577 (CONFIRM)
https://github.com/torvalds/linux/commit/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (CONFIRM)
[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update (MLIST)
[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update (MLIST)
CVE: CVE-2016-6136
CVE: CVE-2016-6136
Id:
CVE-2016-6136
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6136
Comment
: Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability.
CVSSv2 Score:
1.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:N
CVSSv3 Score:
4.7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
HIGH
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1353533 (CONFIRM)
https://github.com/torvalds/linux/commit/43761473c254b45883a64441dd0bc85a42f3645c (CONFIRM)
https://github.com/linux-audit/audit-kernel/issues/18 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c (CONFIRM)
20160704 [CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c (BUGTRAQ)
https://bugzilla.kernel.org/show_bug.cgi?id=120681 (CONFIRM)
https://source.android.com/security/bulletin/2016-11-01.html (CONFIRM)
91558 (BID)
RHSA-2017:0307 (REDHAT)
RHSA-2016:2584 (REDHAT)
RHSA-2016:2574 (REDHAT)
CVE: CVE-2016-4578
CVE: CVE-2016-4578
Id:
CVE-2016-4578
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4578
Comment
: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6 (CONFIRM)
https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1335215 (CONFIRM)
[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer (MLIST)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6 (CONFIRM)
USN-3017-2 (UBUNTU)
USN-3018-2 (UBUNTU)
USN-3016-4 (UBUNTU)
USN-3016-1 (UBUNTU)
USN-3016-2 (UBUNTU)
USN-3016-3 (UBUNTU)
USN-3018-1 (UBUNTU)
USN-3019-1 (UBUNTU)
USN-3017-3 (UBUNTU)
USN-3020-1 (UBUNTU)
USN-3017-1 (UBUNTU)
USN-3021-1 (UBUNTU)
USN-3021-2 (UBUNTU)
SUSE-SU-2016:1672 (SUSE)
SUSE-SU-2016:1690 (SUSE)
SUSE-SU-2016:1937 (SUSE)
DSA-3607 (DEBIAN)
SUSE-SU-2016:1985 (SUSE)
openSUSE-SU-2016:1641 (SUSE)
openSUSE-SU-2016:2184 (SUSE)
SUSE-SU-2016:2105 (SUSE)
90535 (BID)
RHSA-2016:2584 (REDHAT)
RHSA-2016:2574 (REDHAT)
46529 (EXPLOIT-DB)
CVE: CVE-2016-5243
CVE: CVE-2016-5243
Id:
CVE-2016-5243
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5243
Comment
: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2 (CONFIRM)
https://patchwork.ozlabs.org/patch/629100/ (CONFIRM)
[oss-security] 20160603 Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump (MLIST)
https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1343335 (CONFIRM)
USN-3052-1 (UBUNTU)
91334 (BID)
USN-3056-1 (UBUNTU)
USN-3055-1 (UBUNTU)
DSA-3607 (DEBIAN)
USN-3050-1 (UBUNTU)
USN-3057-1 (UBUNTU)
USN-3049-1 (UBUNTU)
USN-3053-1 (UBUNTU)
USN-3051-1 (UBUNTU)
USN-3054-1 (UBUNTU)
CVE: CVE-2016-6156
CVE: CVE-2016-6156
Id:
CVE-2016-6156
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6156
Comment
: Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability.
CVSSv2 Score:
1.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
5.1
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1353490 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096cdc6f52225835ff503f987a0d68ef770bb78e (CONFIRM)
https://bugzilla.kernel.org/show_bug.cgi?id=120131 (MISC)
20160704 [CVE-2016-6156] Double-Fetch Vulnerability in Linux-4.6/drivers/platform/chrome/cros_ec_dev.c (BUGTRAQ)
https://github.com/torvalds/linux/commit/096cdc6f52225835ff503f987a0d68ef770bb78e (CONFIRM)
91553 (BID)
CVE: CVE-2016-6130
CVE: CVE-2016-6130
Id:
CVE-2016-6130
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6130
Comment
: Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability.
CVSSv2 Score:
1.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3 Score:
4.7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://github.com/torvalds/linux/commit/532c34b5fbf1687df63b3fcd5b2846312ac943c6 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=532c34b5fbf1687df63b3fcd5b2846312ac943c6 (CONFIRM)
20160630 [CVE-2016-6130] Double-Fetch Vulnerability in Linux-4.5/drivers/s390/char/sclp_ctl.c (BUGTRAQ)
https://bugzilla.kernel.org/show_bug.cgi?id=116741 (CONFIRM)
DSA-3616 (DEBIAN)
91540 (BID)
CVE: CVE-2019-3901
CVE: CVE-2019-3901
Id:
CVE-2019-3901
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3901
Comment
: A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.
CVSSv2 Score:
1.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3 Score:
4.7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
667 (Improper Locking)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3901 (CONFIRM)
89937 (BID)
https://security.netapp.com/advisory/ntap-20190517-0005/ (CONFIRM)
[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update (MLIST)
[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update (MLIST)
CVE: CVE-2016-4482
CVE: CVE-2016-4482
Id:
CVE-2016-4482
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4482
Comment
: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
6.2
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1332931 (CONFIRM)
[oss-security] 20160503 CVE Request: information leak in devio of Linux kernel (MLIST)
https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee (CONFIRM)
FEDORA-2016-4ce97823af (FEDORA)
USN-3017-2 (UBUNTU)
USN-3018-2 (UBUNTU)
USN-3016-4 (UBUNTU)
USN-3016-1 (UBUNTU)
USN-3016-2 (UBUNTU)
USN-3016-3 (UBUNTU)
USN-3018-1 (UBUNTU)
USN-3019-1 (UBUNTU)
USN-3017-3 (UBUNTU)
USN-3020-1 (UBUNTU)
USN-3017-1 (UBUNTU)
USN-3021-1 (UBUNTU)
USN-3021-2 (UBUNTU)
SUSE-SU-2016:1672 (SUSE)
SUSE-SU-2016:1696 (SUSE)
SUSE-SU-2016:1690 (SUSE)
SUSE-SU-2016:1937 (SUSE)
DSA-3607 (DEBIAN)
SUSE-SU-2016:1985 (SUSE)
openSUSE-SU-2016:1641 (SUSE)
openSUSE-SU-2016:2184 (SUSE)
90029 (BID)
SUSE-SU-2016:2105 (SUSE)
CVE: CVE-2017-7495
CVE: CVE-2017-7495
Id:
CVE-2017-7495
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7495
Comment
: fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
https://github.com/torvalds/linux/commit/06bd3c36a733ac27962fea7d6f47168841376824 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1450261 (CONFIRM)
http://www.openwall.com/lists/oss-security/2017/05/15/2 (CONFIRM)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.2 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06bd3c36a733ac27962fea7d6f47168841376824 (CONFIRM)
98491 (BID)
https://source.android.com/security/bulletin/2017-09-01 (CONFIRM)
Content available only for registered users!
ovaldb@altx-soft.com