Ubuntu 13.10 : linux vulnerabilities (USN-2075-1)

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows...

USN-2073-1: Linux kernel vulnerabilities

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged local user could exploit this flaw to cause a denial of service system crash or possibly gain administrative privileges. CVE-2013-4470 Multiple integer overflow flaws were discovered in the...

Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts

ISSUE DESCRIPTION Message Signaled Interrupts MSI interrupts on Intel platforms are defined as DWORD writes to a special address location 0xFEE?????. MSIs on Intel Platforms supporting VT-d have two defined formats - Remappable format interrupts, and Compatibility not remappable format interrupts...

Oracle Linux 5 : kernel (ELSA-2008-1017)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-1017 advisory. - drm i915 driver arbitrary ioremap Eugene Teo 464508 464509 CVE-2008-3831 - fs don't allow splice to files opened with OAPPEND Eugene Teo 466709 46671...

Debian DSA-2704-1 : mesa - out of bounds access

It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. The oldstable distribution squeeze is not...

Debian: Security Advisory (DSA-2704-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-3051

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

Broadcom chipset routers format string vulnerability

UPnP stack implementation format string vulnerability...

DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability

DefenseCode Security Advisory http://www.defensecode.com/ Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory ID: DC-2013-01-003 Advisory Title: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory URL: http://www.defensecode.com/subcategory/advisories-28...

Remote Root access vulnerability in Routers with Broadcom chipsets

DefenseCode researchers have discovered a critical security vulnerability that allows remote unauthenticated attacker to remotely execute arbitrary code under root privileges in the UPnP Universal Plug and Play implementation developed by Broadcom and used by many routers with Broadcom chipsets...

Broadcom UPnP Remote Preauth Root Code Execution

DefenseCode Security Advisory http://www.defensecode.com/ Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory ID: DC-2013-01-003 Advisory Title: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory URL: http://www.defensecode.com/subcategory/advisories-28...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7123 / 7127)

The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.51 which fixes various bugs and security issues. It contains the following feature enhancements : - The cachefiles framework is now supported FATE312793, bnc782369. The userland utilities were published seperately to support this...

Broadcom DoS on BCM4325 and BCM4329 Devices

Exploit for hardware platform in category dos / poc Exploit Author: CoreLabs Core Security Technologies fue descubierta por el investigador argentino Andrés Blanco, Vendor Homepage: Software Link: download link if available Version: 1.0 Tested on: Apple iPhone 3GS Apple iPod 2G HTC Touch Pro 2 HT...

Smartphone wireless chipset vulnerable to DoS attack

Security researcher Andres Blanco from CoreSecurity discovered a serious vulnerability in two Wireless Broadcom chipsets used in Smartphones. Broadcom Corporation, a global innovation leader in semiconductor solutions for wired and wireless communications. Broadcom BCM4325 and BCM4329 wireless...

The Tale of One Thousand and One DSL Modems

This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2012:1064 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

Juniper Junos MPC Malformed Route Prefix Remote DoS (PSN-2011-08-327)

According to its self-reported version number, the remote Juniper router has a denial of service vulnerability. Receiving specific route prefix install/delete actions e.g., a BGP routing update can cause the router to crash. This issue only affects MX Series routers with port concetrators based o...

kernel: ALSA: hda-intel: Avoid divide by zero crash

The azxpositionok function in hdaintel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service crash via unknown manipulations that trigger a divide-by-zero error...

Mandriva Update for gdm MDVA-2010:133 (gdm)

Check for the Version of gdm OpenVAS Vulnerability Test Mandriva Update for gdm MDVA-2010:133 gdm Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Design/Logic Flaw

The azxpositionok function in hdaintel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service crash via unknown manipulations that trigger a divide-by-zero error...