-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: kernel-alt security and bug fix update
Advisory ID:       RHSA-2019:0831-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:0831
Issue date:        2019-04-23
CVE Names:         CVE-2018-13053 CVE-2018-13094 CVE-2018-14734 
                   CVE-2018-17972 CVE-2018-18281 CVE-2018-18386 
                   CVE-2018-18397 CVE-2019-9213 
====================================================================
1. Summary:

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le

3. Description:

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

* kernel: lack of check for mmap minimum address in expand_downwards in
mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms
(CVE-2019-9213)

* kernel: use-after-free in ucma_leave_multicast in
drivers/infiniband/core/ucma.c (CVE-2018-14734)

* kernel: Unprivileged users able to inspect kernel stacks of arbitrary
tasks (CVE-2018-17972)

* kernel: TLB flush happens too late on mremap (CVE-2018-18281)

* kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of
service (CVE-2018-18386)

* kernel: userfaultfd bypasses tmpfs file permissions (CVE-2018-18397)

* kernel: Integer overflow in the alarm_timer_nsleep function
(CVE-2018-13053)

* kernel: NULL pointer dereference in xfs_da_shrink_inode function
(CVE-2018-13094)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Failed to boot with ftrace=function in kvm with 2vcpu (BZ#1501024)

* [ALT-7.5][x86_64] perf test 63 - inet_pton fails on x86_64 (BZ#1518836)

* BUG: potential out-of-bounds string access when forcing a SELinux label
on a file (BZ#1595706)

* stack out-of-bounds in smb{2,3}_create_lease_buf() on SMB2/SMB3 mounts
(BZ#1598757)

* [ALT-7.6][KVM][PANIC] ltp/lite proc01 - Unable to handle kernel paging
request at virtual address ffff7fe000200018 (BZ#1623193)

* Kernel lock up due to read/write lock (BZ#1636261)

* [RHEL-ALT] Fix potential Spectre v1 in tty code (BZ#1639679)

* [Huawei AArch64 7.6 Bug] HNS3: Vlan on HNS3 NIC cannot communicate
(BZ#1639713)

* [RHEL7.6-ALT][AWS] backport "nvme: update timeout module parameter type"
(BZ#1654958)

* ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm (BZ#1663565)

* RHEL-Alt-7.6 - kernel: zcrypt: fix specification exception on z196 at ap
probe (BZ#1670018)

* [Huawei AArch64 7.6 Bug] Flock over NFSv3 failed (BZ#1670650)

* [Huawei AArch64 7.6/7.6-z Bug] HNS3: if a single transmit packet(skb) has
more than 8 frags, will cause the NIC to be unavailable (BZ#1677643)

* krb5{,i,p} doesn't work with older enctypes on aarch64 (BZ#1678922)

Users of kernel are advised to upgrade to these updated packages, which fix
these bugs.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1597747 - CVE-2018-13053 kernel: Integer overflow in the alarm_timer_nsleep function
1597771 - CVE-2018-13094 kernel: NULL pointer dereference in xfs_da_shrink_inode function
1611005 - CVE-2018-14734 kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c
1636349 - CVE-2018-17972 kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks
1640598 - CVE-2018-18386 kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of service
1641548 - CVE-2018-18397 kernel: userfaultfd bypasses tmpfs file permissions
1645121 - CVE-2018-18281 kernel: TLB flush happens too late on mremap
1686136 - CVE-2019-9213 kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms

6. Package List:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
kernel-alt-4.14.0-115.7.1.el7a.src.rpm

aarch64:
kernel-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debug-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debug-devel-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-devel-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-headers-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-tools-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-tools-libs-4.14.0-115.7.1.el7a.aarch64.rpm
perf-4.14.0-115.7.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
python-perf-4.14.0-115.7.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.14.0-115.7.1.el7a.noarch.rpm
kernel-doc-4.14.0-115.7.1.el7a.noarch.rpm

ppc64le:
kernel-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-bootwrapper-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debug-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-devel-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-headers-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-tools-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-tools-libs-4.14.0-115.7.1.el7a.ppc64le.rpm
perf-4.14.0-115.7.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
python-perf-4.14.0-115.7.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm

s390x:
kernel-4.14.0-115.7.1.el7a.s390x.rpm
kernel-debug-4.14.0-115.7.1.el7a.s390x.rpm
kernel-debug-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm
kernel-debug-devel-4.14.0-115.7.1.el7a.s390x.rpm
kernel-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm
kernel-debuginfo-common-s390x-4.14.0-115.7.1.el7a.s390x.rpm
kernel-devel-4.14.0-115.7.1.el7a.s390x.rpm
kernel-headers-4.14.0-115.7.1.el7a.s390x.rpm
kernel-kdump-4.14.0-115.7.1.el7a.s390x.rpm
kernel-kdump-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm
kernel-kdump-devel-4.14.0-115.7.1.el7a.s390x.rpm
perf-4.14.0-115.7.1.el7a.s390x.rpm
perf-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm
python-perf-4.14.0-115.7.1.el7a.s390x.rpm
python-perf-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
kernel-debug-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
kernel-tools-libs-devel-4.14.0-115.7.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm

noarch:
kernel-doc-4.14.0-115.7.1.el7a.noarch.rpm

ppc64le:
kernel-debug-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debug-devel-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
kernel-tools-libs-devel-4.14.0-115.7.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-13053
https://access.redhat.com/security/cve/CVE-2018-13094
https://access.redhat.com/security/cve/CVE-2018-14734
https://access.redhat.com/security/cve/CVE-2018-17972
https://access.redhat.com/security/cve/CVE-2018-18281
https://access.redhat.com/security/cve/CVE-2018-18386
https://access.redhat.com/security/cve/CVE-2018-18397
https://access.redhat.com/security/cve/CVE-2019-9213
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXL8hu9zjgjWX9erEAQjtKxAAnCp/1p+VtOf8XPuseKCuXRLPp9F5BWK5
3bVvuRy7QxihAFX1AWZ1Vcza4ZUoDEdk7qnjEl+C95Nyx5OA3U05dT26nKW8FF5c
eQIuc9YzujsC8ttK90z0maZ+nQ0DwfZ6t7uAFEHqsJ1N7WU6/Hs1s7eW21Abz7XZ
eGxbcAa/4FxaTR+k47/wjw2yFVAOBw6HKhm2ifRHRwdeHlORAuE9cP7q8DQH7VuQ
hdNdcl3rOqeUa0QEXwWlfGaCYNJgMCLJryY8V33ZfZQhSBa16lGFZai7WxH1cNrl
Xh6ZZoAy6pUGiCweTzjpAn+XWKglHrPJfFBJ4/PSjh9SMMgALcxYCkCaBCo8qslP
ua8v0KFS1ppJhjqni/x9HEVFbKUg9cOz+HllxrYqJ1wJ+AUHTBCwJaHoVGbjkIyR
5jxUchpDbjLbfHl6R1Fn0/7eCZTuwCEFADRv4TX39KcNa0s6uA+fqIcfpLPGFmWJ
k+2eQNvInYMulW+uUJiKO8awwXcHfxwZThQh/euRuKQDw8dKgl7b5RpEdHmrFYF8
NdqJ4fMddkWl2qf/sx4P2+xzjhMimp+isosu1YTSvIj4KnsUUSBx/CZPvr07NRoy
YuzTZyOSejEz1ldjVa1uAzQktFo2fUUDVOYvNj5WIVBKHVl6/2mBZ/iernk3jIRD
ZqrjglEZmE4=phWZ
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2019-0831:01 Important: kernel-alt security and bug fix update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7

Summary

The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms (CVE-2019-9213)
* kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c (CVE-2018-14734)
* kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972)
* kernel: TLB flush happens too late on mremap (CVE-2018-18281)
* kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of service (CVE-2018-18386)
* kernel: userfaultfd bypasses tmpfs file permissions (CVE-2018-18397)
* kernel: Integer overflow in the alarm_timer_nsleep function (CVE-2018-13053)
* kernel: NULL pointer dereference in xfs_da_shrink_inode function (CVE-2018-13094)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Failed to boot with ftrace=function in kvm with 2vcpu (BZ#1501024)
* [ALT-7.5][x86_64] perf test 63 - inet_pton fails on x86_64 (BZ#1518836)
* BUG: potential out-of-bounds string access when forcing a SELinux label on a file (BZ#1595706)
* stack out-of-bounds in smb{2,3}_create_lease_buf() on SMB2/SMB3 mounts (BZ#1598757)
* [ALT-7.6][KVM][PANIC] ltp/lite proc01 - Unable to handle kernel paging request at virtual address ffff7fe000200018 (BZ#1623193)
* Kernel lock up due to read/write lock (BZ#1636261)
* [RHEL-ALT] Fix potential Spectre v1 in tty code (BZ#1639679)
* [Huawei AArch64 7.6 Bug] HNS3: Vlan on HNS3 NIC cannot communicate (BZ#1639713)
* [RHEL7.6-ALT][AWS] backport "nvme: update timeout module parameter type" (BZ#1654958)
* ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm (BZ#1663565)
* RHEL-Alt-7.6 - kernel: zcrypt: fix specification exception on z196 at ap probe (BZ#1670018)
* [Huawei AArch64 7.6 Bug] Flock over NFSv3 failed (BZ#1670650)
* [Huawei AArch64 7.6/7.6-z Bug] HNS3: if a single transmit packet(skb) has more than 8 frags, will cause the NIC to be unavailable (BZ#1677643)
* krb5{,i,p} doesn't work with older enctypes on aarch64 (BZ#1678922)
Users of kernel are advised to upgrade to these updated packages, which fix these bugs.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2018-13053 https://access.redhat.com/security/cve/CVE-2018-13094 https://access.redhat.com/security/cve/CVE-2018-14734 https://access.redhat.com/security/cve/CVE-2018-17972 https://access.redhat.com/security/cve/CVE-2018-18281 https://access.redhat.com/security/cve/CVE-2018-18386 https://access.redhat.com/security/cve/CVE-2018-18397 https://access.redhat.com/security/cve/CVE-2019-9213 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: kernel-alt-4.14.0-115.7.1.el7a.src.rpm
aarch64: kernel-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debug-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debug-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debug-devel-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debuginfo-common-aarch64-4.14.0-115.7.1.el7a.aarch64.rpm kernel-devel-4.14.0-115.7.1.el7a.aarch64.rpm kernel-headers-4.14.0-115.7.1.el7a.aarch64.rpm kernel-tools-4.14.0-115.7.1.el7a.aarch64.rpm kernel-tools-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-tools-libs-4.14.0-115.7.1.el7a.aarch64.rpm perf-4.14.0-115.7.1.el7a.aarch64.rpm perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm python-perf-4.14.0-115.7.1.el7a.aarch64.rpm python-perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
noarch: kernel-abi-whitelists-4.14.0-115.7.1.el7a.noarch.rpm kernel-doc-4.14.0-115.7.1.el7a.noarch.rpm
ppc64le: kernel-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-bootwrapper-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debug-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debug-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-devel-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-headers-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-tools-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-tools-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-tools-libs-4.14.0-115.7.1.el7a.ppc64le.rpm perf-4.14.0-115.7.1.el7a.ppc64le.rpm perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm python-perf-4.14.0-115.7.1.el7a.ppc64le.rpm python-perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
s390x: kernel-4.14.0-115.7.1.el7a.s390x.rpm kernel-debug-4.14.0-115.7.1.el7a.s390x.rpm kernel-debug-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm kernel-debug-devel-4.14.0-115.7.1.el7a.s390x.rpm kernel-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm kernel-debuginfo-common-s390x-4.14.0-115.7.1.el7a.s390x.rpm kernel-devel-4.14.0-115.7.1.el7a.s390x.rpm kernel-headers-4.14.0-115.7.1.el7a.s390x.rpm kernel-kdump-4.14.0-115.7.1.el7a.s390x.rpm kernel-kdump-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm kernel-kdump-devel-4.14.0-115.7.1.el7a.s390x.rpm perf-4.14.0-115.7.1.el7a.s390x.rpm perf-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm python-perf-4.14.0-115.7.1.el7a.s390x.rpm python-perf-debuginfo-4.14.0-115.7.1.el7a.s390x.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: kernel-debug-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-debuginfo-common-aarch64-4.14.0-115.7.1.el7a.aarch64.rpm kernel-tools-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm kernel-tools-libs-devel-4.14.0-115.7.1.el7a.aarch64.rpm perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm python-perf-debuginfo-4.14.0-115.7.1.el7a.aarch64.rpm
noarch: kernel-doc-4.14.0-115.7.1.el7a.noarch.rpm
ppc64le: kernel-debug-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debug-devel-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-tools-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm kernel-tools-libs-devel-4.14.0-115.7.1.el7a.ppc64le.rpm perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm python-perf-debuginfo-4.14.0-115.7.1.el7a.ppc64le.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2019:0831-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:0831
Issued Date: : 2019-04-23
CVE Names: CVE-2018-13053 CVE-2018-13094 CVE-2018-14734 CVE-2018-17972 CVE-2018-18281 CVE-2018-18386 CVE-2018-18397 CVE-2019-9213

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le


Bugs Fixed

1597747 - CVE-2018-13053 kernel: Integer overflow in the alarm_timer_nsleep function

1597771 - CVE-2018-13094 kernel: NULL pointer dereference in xfs_da_shrink_inode function

1611005 - CVE-2018-14734 kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c

1636349 - CVE-2018-17972 kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks

1640598 - CVE-2018-18386 kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of service

1641548 - CVE-2018-18397 kernel: userfaultfd bypasses tmpfs file permissions

1645121 - CVE-2018-18281 kernel: TLB flush happens too late on mremap

1686136 - CVE-2019-9213 kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms


Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved