Red Hat Security Advisory 2016-2923-01 – OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
Monthly Archives: December 2016
Kernel Live Patch Security Notice LSN-0014-1
Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
OpenSSH 7.2 Denial Of Service
Exploit for a crypt CPU consumption denial of service in OpenSSH versions 7.2 and below.
GLSA 201612-26: OpenJPEG: Multiple vulnerabilities
GLSA 201612-25: CrackLib: Buffer overflow
Vuln: SimpleSAMLphp CVE-2016-9814 Security Bypass Vulnerability
Vuln: Libav Multiple Denial of Service Vulnerabilities
Vuln: PwC ACE-ABAP CVE-2016-9832 Remote Code Execution Vulnerability
Vuln: ForeScout CounterACT SecureConnector Agent Multiple Insecure File Creation Vulnerabilities