[SECURITY] Fedora 24 Update: xerces-c-3.1.3-1.fc24

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

Red Hat OpenShift Information Disclosure Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications.OpenShift Enterprise is an open source version of the private cloud. A security vulnerability exists in Red Hat OpenShift Enterprise version 3.x that...

Linux kernel 'mark_source_chains()' denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a boundary error in the 'marksourcechains' function in the net/ipv4/netfilter/iptables.c file. When...

jdk7-openjdk: sandbox escape

It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...

Linux Kernel 3.103.18 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption

Linux Kernel 3.103.18 4.4 - Netfilter IPTSOSETREPLACE Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=758 A memory corruption vulnerability exists in the IPTSOSETREPLACE ioctl in the netfilter code for iptables support. This ioctl is can be triggered ...

Linux Kernel 3.10 / 3.18 / 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption

Exploit for linux platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=758 A memory corruption vulnerability exists in the IPTSOSETREPLACE ioctl in the netfilter code for iptables support. This ioctl is can be triggered by an unprivileged user...

Fedora 22 : pax-utils-1.1.4-1.fc22 (2015-6565f29415)

Changes since 1.0.5: security: whitelist the getcwd syscall security: fix build on systems w/out sisyscall security: whitelist the futex syscall security: whitelist dup syscalls security: do not warn when seccomp is disabled in the kernel security: whitelist fakeroot syscalls security: add a debu...

AUFS (Ubuntu 15.10) - allow_userns FuseXattr User Namespaces Privilege Escalation

AUFS Ubuntu 15.10 - allowuserns FuseXattr User Namespaces Privilege Escalation Source: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/ Introduction Problem description: Aufs is a union filesystem to mix content of different underlying filesystems, e.g. read-only medi...

AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation

Source: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/ Introduction Problem description: Aufs is a union filesystem to mix content of different underlying filesystems, e.g. read-only medium with r/w RAM-fs. That is also allowed in user namespaces when module was...

DEBIAN-CVE-2015-8709

kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor...

Phan - Static Analyzer For PHP

Phan is a static analyzer for PHP. Getting it running Phan requires PHP 7+ with the php-ast extension loaded. The code you analyze can be written for any version of PHP. To get phan running; 1. Clone the repo 2. Run composer install to load dependencies 3. Run ./test to run the test suite 4. Test...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2848-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2848-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

Ubuntu 15.04 : linux vulnerabilities (USN-2850-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2849-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2849-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2852-1)

Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace...

Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2854-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2854-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

Ubuntu: Security Advisory (USN-2854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2847-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

USN-2854-1 linux-lts-vivid vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...