5568 matches found

OpenVAS
added 2015/05/01 12:0 a.m., 42 views

Ubuntu: Security Advisory (USN-2589-1)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.9 CVSS, 6.1 AI score, 0.03027 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2015/05/01 12:0 a.m., 66 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2588-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2588-1 advisory. A stack overflow was discovered in the microcode loader for the Intel x86 platform. A local attacker could exploit this flaw to cause a denial of...

6.9 CVSS, 7.2 AI score, 0.03027 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2015/05/01 12:0 a.m., 41 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2587-1)

A stack overflow was discovered in the microcode loader for the Intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. (CVE-2015-2666) It was discovered that the Linux kernel's IPv6 networking...

6.9 CVSS, 7 AI score, 0.03027 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2015/05/01 12:0 a.m., 329 views

Ubuntu 14.10 : linux vulnerabilities (USN-2590-1)

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A stack overflow was discovered in the microcode loader for...

6.9 CVSS, 7 AI score, 0.03027 EPSS
Exploits: 1, References: 5

Tenable Nessus
added 2015/05/01 12:0 a.m., 49 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2589-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2589-1 advisory. Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest use...

6.9 CVSS, 7.1 AI score, 0.03027 EPSS
Exploits: 1, References: 5

Ubuntu
added 2015/04/30 8:34 a.m., 96 views

USN-2590-1: Linux kernel vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A stack overflow was discovered in the microcode loader for...

6.9 CVSS, 6.9 AI score, 0.03027 EPSS
Exploits: 1

Ubuntu
added 2015/04/30 8:31 a.m., 63 views

USN-2589-1: Linux kernel (Utopic HWE) vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A stack overflow was discovered in the microcode loader for...

6.9 CVSS, 6.9 AI score, 0.03027 EPSS
Exploits: 1

Ubuntu
added 2015/04/30 8:17 a.m., 87 views

USN-2588-1: Linux kernel vulnerabilities

A stack overflow was discovered in the microcode loader for the Intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. (CVE-2015-2666) It was discovered that the Linux kernel's IPv6 networking...

6.9 CVSS, 6.9 AI score, 0.03027 EPSS
Exploits: 1

OSV
added 2015/04/30 8:17 a.m., 1 views

USN-2588-1 linux vulnerabilities

A stack overflow was discovered in the microcode loader for the Intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. (CVE-2015-2666) It was discovered that the Linux kernel's IPv6 networking...

6.9 CVSS, 6.9 AI score, 0.03027 EPSS
Exploits: 1, References: 3

Ubuntu
added 2015/04/30 8:12 a.m., 84 views

USN-2587-1: Linux kernel (Trusty HWE) vulnerabilities

A stack overflow was discovered in the microcode loader for the Intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. (CVE-2015-2666) It was discovered that the Linux kernel's IPv6 networking...

6.9 CVSS, 6.9 AI score, 0.03027 EPSS
Exploits: 1

exploitpack
added 2015/04/21 12:0 a.m., 59 views

Apple Mac OSX - Local Denial of Service

Apple Mac OSX - Local Denial of Service. 2015, Maxime Villard, CVE-2015-1100. Local DoS caused by a missing limit check in the fat loader of the Mac OS X Kernel. $ gcc -o Mac-OS-XFat-DoS Mac-OS-XFat-DoS.c $ ./Mac-OS-XFat-DoS BINARY-NAME Obtained from: http://m00nbsd.net/garbage/Mac-OS-XFat-DoS.c...

5.4 CVSS, 7.3 AI score, 0.0104 EPSS
Exploits: 3

Exploit DB
added 2015/04/21 12:0 a.m., 42 views

Apple Mac OSX - Local Denial of Service

2015, Maxime Villard, CVE-2015-1100. Local DoS caused by a missing limit check in the fat loader of the Mac OS X Kernel. $ gcc -o Mac-OS-XFat-DoS Mac-OS-XFat-DoS.c $ ./Mac-OS-XFat-DoS BINARY-NAME Obtained from: http://m00nbsd.net/garbage/Mac-OS-XFat-DoS.c Analysis:...

5.4 CVSS, 7.5 AI score, 0.0104 EPSS
Exploits: 3

RedHat Linux
added 2015/04/01 1:17 p.m., 3 views

Mozilla: resource:// documents can load privileged pages (MFSA 2015-33)

A flaw was found in the way documents were loaded via resource URLs in, for example, Mozilla's PDF.js PDF file viewer. An attacker could use this flaw to bypass certain restrictions and under certain conditions even execute arbitrary code with the privileges of the user running Firefox...

5 CVSS, 7.6 AI score, 0.67135 EPSS
Exploits: 3, References: 5

RedHat Linux
added 2015/03/17 5:58 p.m., 1 views

freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table...

6.8 CVSS, 6 AI score, 0.03487 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2015/03/05 12:7 p.m., 2 views

tboot: argument measurement vulnerability for GRUB2+ELF kernels

Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability...

5.5 CVSS, 6.1 AI score, 0.00386 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2015/03/05 12:0 a.m., 261 views

Fedora 20 : php-5.5.22-1.fc20 (2015-2328)

19 Feb 2015, PHP 5.5.22. Core: - Fixed bug 67068 (getClosure returns something that's not a closure). (Danack at basereality dot com) - Fixed bug 68925 (Mitigation for CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow). (Stas) - Fixed bug 68942 Use after free vulnerability in unserialize with...

10 CVSS, 7.7 AI score, 0.94859 EPSS
Exploits: 38, References: 1

RedHat Linux
added 2015/02/24 1:44 p.m., 3 views

OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)

An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...

10 CVSS, 6.8 AI score, 0.07153 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2015/02/24 1:20 p.m., 2 views

OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)

An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...

10 CVSS, 6.8 AI score, 0.07153 EPSS
Exploits: 0, References: 5

Hacker One
added 2015/02/18 5:46 p.m., 72 views

Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)

This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One so I am also opening a report here. The vulnerability reference numbers are MS15-010 CVE-2015-0059 The original bug report is...

6.9 CVSS, 6.2 AI score, 0.11104 EPSS
Exploits: 0

OSV
added 2015/02/08 11:59 a.m., 1 views

DEBIAN-CVE-2014-9658

The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font...

7.5 CVSS, 8 AI score, 0.05059 EPSS
Exploits: 1, References: 1