MiracleLinux 7 : kernel-3.10.0-327.4.5.el7 (AXSA:2016-070:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-070:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

K01948202: Linux kernel vulnerability CVE-2016-0728

Security Advisory Description The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via...

SA40135 - Linux kernel: Possible use-after-free vulnerability in keyring facility (CVE-2016-0728)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. An issue has been found within the Linux kernel that can allow exploitation. Pulse secure does utilize the Linux kernel, however we are not vulnerable as we are not using the vulnerabl...

SUSE: Security Advisory (SUSE-SU-2016:0205-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:0186-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1527)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper Access Control

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

Privilege Escalation

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

Integer Overflow

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

Security Bulletin: Vulnerability in Linux Kernel affects PowerKVM (CVE-2016-0728)

Summary A Linux Kernel privilege escalation vulnerability affects PowerKVM. Vulnerability Details CVEID: CVE-2016-0728 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the joinsessionkeyring function in...

SUSE-SU-2016:0756-1 Security update for kernel live patch 7

This kernel live patch for Linux Kernel 3.12.44-52.18.1 fixes two security issues: Fixes: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962078. - CVE-2013-7446: Use-after-free vulnerability in net/unix/afunix.c...

Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)

Backported i915, networking, and nouveau fixes tagged for stable from 4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and backports of all the i915 patches queued for stable from 4.4. ---- A number of fixes across the tree Note that Tenable Network Security has extracted the precedin...

Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)

Update to latest upstream stable release, Linux v4.3.4. Elan touchpad fixes. ---- Update to 4.3.y stable series. Fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...

The use of the Linux kernel in Use-After-Free（UAF）vulnerability to mention the right-vulnerability warning-the black bar safety net

Last month broke the CVE-2 0 1 6-0 7 2 8 （local mention the right loopholes so everyone's attention once again focused on the linux kernel security. And CVE-2 0 1 5-3 6 3 6, The CVE-2 0 1 5-7 3 1 2, The CVE-2 0 1 4-2 8 5 1, CVE-2 0 1 6-0 7 2 8 is a Use-After-Free（UAF types of vulnerabilities. We...

Oracle Linux 7 : kernel (ELSA-2016-0185)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0185 advisory. - security keys: Fix keyring ref leak in joinsessionkeyring David Howells 1298931 1298036 CVE-2016-0728 - security keys: Don't permit requestkey to...

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

CVE-2016-0728

The CVE-2016-0728 issue affects the Linux kernel up to version 4.4.1, specifically in the keyring handling path join_session_keyring() within security/keys/process_keys.c. A flaw in object reference management in an error path can allow a local, unprivileged user to escalate privileges or cause a...

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962075. - CVE-2015-7550: A local user could have...

openSUSE: Security Advisory for kernel (openSUSE-SU-2016:0318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...