Lucene search
+L

45 matches found

OSV
OSV
added 2024/09/27 12:39 p.m.18 views

CVE-2024-46826 ELF: fix kernel.randomize_va_space double read

In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomizevaspace double read ELF loader uses "randomizevaspace" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly on...

5.5CVSS6AI score0.00248EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2004-1071

The binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code...

7.2CVSS7.2AI score0.00508EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-103-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.5AI score0.13429EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.6 views

UPX 安全漏洞

UPX is a portable and extensible executable compression program. A security vulnerability exists in UPX version 3.96, which stems from a Segmentaation error found in the invertptdynamic function of plxelf.cpp, where an attacker utilizes a crafted input file to allow invalid access to a memory...

5.5CVSS6.3AI score0.00397EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/01/16 12:0 a.m.47 views

openSUSE: Security Advisory for glibc (openSUSE-SU-2018:0089-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.4AI score0.13368EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.44 views

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2018:0074-1)

This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the co...

9.8CVSS7.8AI score0.13368EPSS
Exploits15References25
RedHat Linux
RedHat Linux
added 2017/09/26 7:38 p.m.4 views

kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

7.8CVSS6.6AI score0.10695EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2017/09/26 6:1 p.m.4 views

kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

7.8CVSS6.6AI score0.10695EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2017/09/26 6:0 p.m.5 views

kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

7.8CVSS6.6AI score0.10695EPSS
Exploits5References6
exploitpack
exploitpack
added 2015/06/01 12:0 a.m.15 views

Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation

Linux Kernel PonyOS 3.0 - ELF Loader Local Privilege Escalation Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2015/06/01 12:0 a.m.23 views

Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation

Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested on: 3.0 CVE : N/A Source:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/08/10 12:0 a.m.30 views

SuSE 11.3 Security Update : Xen (SAT Patch Number 8063)

The Xen hypervisor and toolset has been updated to 4.2.206 to fix various bugs and security issues : The following security issues have been addressed : - Various integer overflows in the ELF loader were fixed. XSA-55. CVE-2013-2194 - Various pointer dereferences issues in the ELF loader were...

7.4CVSS5.5AI score0.00562EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2012/02/13 8:30 p.m.7 views

glibc: ld.so d_tag signedness error in elf_get_dynamic_info

Integer signedness error in the elfgetdynamicinfo function in elf/dynamic-link.h in ld.so in the GNU C Library aka glibc or libc6 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value...

5.1CVSS7.8AI score0.04514EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.34 views

Ubuntu 5.04 / 5.10 / 6.06 LTS : linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities (USN-347-1)

Sridhar Samudrala discovered a local Denial of Service vulnerability in the handling of SCTP sockets. By opening such a socket with a special SOLINGER value, a local attacker could exploit this to crash the kernel. CVE-2006-4535 Kirill Korotaev discovered that the ELF loader on the ia64 and sparc...

4.9CVSS5.5AI score0.00434EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.56 views

Debian DSA-1082-1 : kernel-source-2.4.17 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...

10CVSS6.6AI score0.04156EPSS
Exploits8References61
Ubuntu
Ubuntu
added 2006/09/19 12:57 a.m.58 views

USN-347-1: Linux kernel vulnerabilities

Sridhar Samudrala discovered a local Denial of Service vulnerability in the handling of SCTP sockets. By opening such a socket with a special SOLINGER value, a local attacker could exploit this to crash the kernel. CVE-2006-4535 Kirill Korotaev discovered that the ELF loader on the ia64 and sparc...

4.9CVSS5.4AI score0.00434EPSS
Exploits0
securityvulns
securityvulns
added 2006/09/19 12:0 a.m.47 views

Linux kernel DoS

Special SOLINGER value for SCTP socket causes system to crash. ELF loader vulnerability on 64-bit system causes system to crash on malformed ELF binary...

2.2AI score
Exploits0References2Affected Software1
CVE
CVE
added 2006/05/31 10:0 a.m.76 views

CVE-2004-0138

CVE-2004-0138 affects the Linux kernel 2.4 series prior to 2.4.25. The vulnerability lies in the ELF loader: a crafted ELF with an invalid interpreter arch triggers a BUG() when an invalid VMA is unmapped, allowing local denial of service (crash). The issue is mitigated by upgrading to 2.4.25 or ...

4.9CVSS5.6AI score0.00427EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2006/05/31 10:0 a.m.30 views

CVE-2004-0138

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service crash via a crafted ELF file with an interpreter with an invalid arch architecture, which triggers a BUG when an invalid VMA is unmapped...

5.6AI score0.00427EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2006/03/13 12:0 a.m.37 views

Ubuntu 4.10 / 5.04 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-263-1)

A flaw was found in the module reference counting for loadable protocol modules of netfilter. By performing particular socket operations, a local attacker could exploit this to crash the kernel. This flaw only affects Ubuntu 5.10. CVE-2005-3359 David Howells noticed a race condition in the addkey...

7.1CVSS5.6AI score0.02726EPSS
Exploits1References6
Rows per page
Query Builder