Commit message | Author | Age | Files | Lines
* Kernel: net: mac80211: CVE-2014-2706 [daisy-enea] | Sona Sarmadi | 2016-06-17 | 2 files | -0/+167
  crash due to AP powersave TX vs. wakeup race
  Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706
  Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=a7ee1a84a81555b19ec3d02f104bfd70cf0b668a
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: block/floppy: CVE-2014-1737, CVE-2014-1738 | Sona Sarmadi | 2016-06-17 | 3 files | -0/+94
  Fixes privilege escalation via FDRAWCMD floppy ioctl command
  References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738
  Reference to upstream fixes:
  CVE-2014-1737: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=21506304588afab20b2d52aaa56b70e85aca6386
  CVE-2014-1738: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=50c648e394a0968f19d448b70bec82da88219963
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-virt-kvm: CVE-2013-4587 | Sona Sarmadi | 2016-06-17 | 2 files | -0/+44
  Improve create VCPU parameter (CVE-2013-4587)
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4587
  Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=f4d838225e0cbdc8099c2eb8d55dd9406def1f33
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-net: CVE-2013-4348 | Sona Sarmadi | 2016-06-17 | 2 files | -0/+47
  flow_dissector: fail on evil iph->ihl
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4348
  Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=666a76c79fc23fef31fb870193053464148ba488
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-cifs: CVE-2013-4247 | Sona Sarmadi | 2016-06-16 | 2 files | -0/+49
  Fix off-by-one bug in build_unc_path_to_root
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4247
  Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=1fc29bacedeabb278080e31bb9c1ecb49f143c3b
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: CVE-2015-5364, CVE-2015-5366 | Tudor Florea | 2015-07-22 | 7 files | -0/+71
  This fixes incorrect processing of checksums in UDP implementation
  References:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5364
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5366
  http://www.openwall.com/lists/oss-security/2015/07/10/3
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: x86, kvm: CVE-2015-4692 | Tudor Florea | 2015-07-09 | 2 files | -1/+27
  NULL pointer dereference in kvm_apic_has_events function
  References: http://www.openwall.com/lists/oss-security/2015/06/21/1
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: x86: CVE-2015-2830 | Tudor Florea | 2015-07-07 | 2 files | -0/+64
  Fixes a flaw in the way the Linux kernel's 32-bit emulation implementation handled forking or closing of a task with an 'int80' entry.
  References:
  http://seclists.org/oss-sec/2015/q2/8
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2830
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* Kernel: crypto: CVE-2015-3331 | Tudor Florea | 2015-07-07 | 2 files | -0/+72
  Fixes buffer overruns in RFC4106 implementation using AESNI.
  References:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3331
  http://www.openwall.com/lists/oss-security/2015/04/18/1
  https://software.intel.com/en-us/articles/intel-advanced-encryption-standard-in
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-net-rds: CVE-2015-2042 | Tudor Florea | 2015-07-07 | 2 files | -0/+49
  Fixes incorrect data type in rds_sysctl_rds_table
  References
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042
  http://www.openwall.com/lists/oss-security/2015/02/20/20
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* valgrind: fix compile issue | Tudor Florea | 2015-07-07 | 1 file | -0/+4
  disable the compiling of valgrind 3.9 ptests for zc702-zynq7 target
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* KVM-x86-SYSENTER: CVE-2015-0239 | Tudor Florea | 2015-07-07 | 2 files | -0/+95
  Insufficient sysenter emulation when invoked from 16-bit code
  References: http://www.openwall.com/lists/oss-security/2015/01/27/6
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* x86, mm/ASLR: CVE-2015-1593 | Tudor Florea | 2015-07-07 | 2 files | -0/+117
  Fix stack randomization on 64-bit systems
  References:
  http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
  http://www.openwall.com/lists/oss-security/2015/02/13/13
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* IB-uverbs: CVE-2014-8159 | Tudor Florea | 2015-07-07 | 2 files | -0/+52
  Prevent integer overflow in ib_umem_get address arithmetic
  Reference http://www.securitytracker.com/id/1032224
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* isofs: CVE-2014-9584 | Tudor Florea | 2015-07-07 | 2 files | -0/+40
  Fixes an information leakage flaw in the Linux kernel built with the iso9660 file system (CONFIG_ISO9660_FS). This could occur while accessing data on an iso9660 image with RockRidge extension reference (ER) records.
  Reference
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584
  http://www.openwall.com/lists/oss-security/2015/01/09/4
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-netfilter: CVE-2014-8160 | Tudor Florea | 2015-07-07 | 2 files | -0/+101
  Fixes iptables restriction bypass if a protocol handler kernel module is not loaded.
  References
  -----------
  -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160
  -> http://www.openwall.com/lists/oss-security/2015/01/14/3
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* netfilter: CVE-2014-9715 | Tudor Florea | 2015-07-07 | 2 files | -0/+63
  Fixes an integer overflow flaw in the Linux kernel's netfilter connection tracking implementation
  References:
  -----------
  -> http://marc.info/?l=netfilter-devel&m=140112364215200&w=2
  -> http://www.openwall.com/lists/oss-security/2015/04/08/1
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* x86, kvm: CVE-2014-8134 | Tudor Florea | 2015-07-07 | 2 files | -0/+77
  Fixes a leak of the high 16 bits of the kernel stack address on 32-bit KVM paravirt guests.
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-net: CVE-2015-1421 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+140
  Fixes a use-after-free flaw in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
  Reference http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* media: ttusb-dec: CVE-2014-8884 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+38
  Fixes buffer overflow in ioctl
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* x86,kvm,vmx: Preserve CR4 across VM entry | Sona Sarmadi | 2015-07-06 | 2 files | -0/+89
  Fix for CVE-2014-3690.
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* eCryptfs: CVE-2014-9683 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+42
  This fixes a 1-byte NULL write past the end of allocated memory
  References
  http://seclists.org/oss-sec/2015/q1/582
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9683
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* ipv4: CVE-2015-1465 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+89
  It was found that routing packets to too many different dsts/too fast can lead to an excessive resource consumption. A remote attacker can use this flaw to crash the system.
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* x86_64: CVE-2014-9419 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+314
  partial ASLR bypass through TLS base addresses leak
  Reference:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419
  http://www.openwall.com/lists/oss-security/2014/12/18/17
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* security-keys: CVE-2014-9529 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+54
  Fixes security/keys/gc.c race condition
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* media: media-device: CVE-2014-1739 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+38
  Fix infoleak in ioctl media_enum_entities()
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel: CVE-2014-7825, CVE-2014-7826 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+89
  Insufficient syscall number validation in perf and ftrace subsystems
  CVE-2014-7825 Fixes an out-of-bounds memory access flaw, in the syscall tracing functionality of the Linux kernel's perf subsystem.
  CVE-2014-7826 Fixes an out-of-bounds memory access flaw, in the syscall tracing functionality of the Linux kernel's ftrace subsystem.
  References:
  http://www.openwall.com/lists/oss-security/2014/11/06/11
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7825
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* fs-userns: CVE-2014-4014 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+195
  Fixes a potential privilege escalation flaw when the Linux kernel is built with the user namespaces (CONFIG_USER_NS)
  References:
  http://www.openwall.com/lists/oss-security/2014/06/10/4
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* mm/shmem: CVE-2014-4171 | Sona Sarmadi | 2015-07-06 | 4 files | -0/+470
  Fix for a denial of service flaw in the Linux kernel built with the shared memory support
  Reference
  http://www.openwall.com/lists/oss-security/2014/06/18/11
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* mm: CVE-2014-3122 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+91
  try_to_unmap_cluster() should lock_page() before mlocking
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-ipv4: CVE-2014-2851 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+72
  Fixes refcount issue in ping_init_sock() function
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* ath9k: CVE-2014-2672 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+79
  A remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter.
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-rds CVE-2013-7339 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+40
  Fixes dereference of a NULL device in rds_ib_laddr_check()
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7339
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-netfilter: CVE-2014-2523 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+70
  Fixes incorrect skb_header_pointer API usages
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-cifs: cifs-CVE-2014-0069 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+103
  Fixes incorrect handling of bogus user pointers during uncached writes
  Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069
  Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel: assorted infoleak security fixes | Sona Sarmadi | 2015-07-06 | 4 files | -0/+120
  CVE-2014-1444 farsync: fix info leak in ioctl
  CVE-2014-1445 wanxl: fix info leak in ioctl
  CVE-2014-1446 hamradio/yam: fix info leak in ioctl
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* fs-isofs: CVE-2014-9420 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+59
  Fixes infinite loop in CE record entries
  Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* target: CVE-2014-4027 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+47
  Explicitly clear ramdisk_mcp backend pages
  Reference
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027
  http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* ALSA: CVE-2014-4656 | Sona Sarmadi | 2015-07-06 | 3 files | -0/+91
  Handle numid overflow
  Make sure that id->index does not overflow
  References:
  http://www.openwall.com/lists/oss-security/2014/06/26/6
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-net-sctp: CVE-2014-7841 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+86
  NULL pointer dereference in af->from_addr_param on malformed packet
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-sctp: CVE-2014-3688 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+161
  remote memory pressure from excessive queueing
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688
  Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK chunks.")
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-sctp: CVE-2014-3687 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+103
  panic on duplicate ASCONF chunks
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687
  Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK chunks.")
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-sctp: CVE-2014-3673 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+349
  skb_over_panic when receiving malformed ASCONF chunks
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673
  Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK chunks.")
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-sctp: CVE-2014-0101 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+146
  Fixes sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kvm-iommu: CVE-2014-8369 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+85
  Fixes excessive pages un-pinning in kvm_iommu_map error path. (This vulnerability exists because of an incorrect fix for CVE-2014-3601)
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kvm-iommu: CVE-2014-3601 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+95
  Fixes the third parameter of kvm_iommu_put_pages
  The third parameter of kvm_iommu_put_pages is wrong. It should be 'gfn - slot->base_gfn'.
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* Kernel-HID/USB: multiple CVEs | Sona Sarmadi | 2015-07-06 | 5 files | -0/+281
  CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver
  CVE-2014-3182 Kernel: HID: logitech-dj OOB array access
  CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routines
  CVE-2014-3185 Kernel: USB serial: memory corruption flaw
  References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3182
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-auditsc: CVE-2014-3917 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+92
  audit_krule mask accesses need bounds checking
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-ALSA: CVE-2014-4652 CVE-2014-4653 | Sona Sarmadi | 2015-07-06 | 3 files | -0/+230
  CVE-2014-4652 Protect user controls against concurrent access
  CVE-2014-4653 Don't access controls outside of protected regions
  Reference:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel-SCTP: CVE-2014-4667 | Sona Sarmadi | 2015-07-06 | 2 files | -0/+51
  Linux kernel: sctp: sk_ack_backlog wrap-around problem
  Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>