UbuntuUpdates.org

Bugs fixes in "linux-aws-hwe"

Origin Bug number Title Date fixed
CVE CVE-2019-11833 fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local user 2019-08-21
CVE CVE-2019-11815 An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free 2019-08-21
CVE CVE-2019-12819 An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which wil 2019-08-21
CVE CVE-2019-12984 A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be t 2019-08-21
CVE CVE-2019-12818 An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller 2019-08-21
CVE CVE-2019-3846 A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malic 2019-08-21
CVE CVE-2019-10126 A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie. 2019-08-21
CVE CVE-2019-12614 An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked 2019-08-21
CVE CVE-2016-7489 Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this m 2019-08-21
CVE CVE-2015-7442 consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x before 1.8.4 and Packaging Utility before 1.7.4.4 and 1.8.x before 1.8.4 allows l 2019-08-21
CVE CVE-2015-1838 modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. 2019-08-21
CVE CVE-2011-4834 The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local u 2019-08-21
CVE CVE-2009-0416 The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local us 2019-08-21
CVE CVE-2008-0525 PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other p 2019-08-21
CVE CVE-2007-3852 The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code. 2019-08-21
CVE CVE-2000-1134 Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka 2019-08-21
CVE CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptr 2019-08-21
CVE CVE-2019-13233 In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition betwee 2019-08-21
CVE CVE-2018-5383 Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android version 2019-08-21
CVE CVE-2019-2101 In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local infor 2019-08-21



About   -   Send Feedback to @ubuntu_updates