3589 matches found
Design/Logic Flaw
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
CVE-2015-7837
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
CVE-2015-7837
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
DEBIAN-CVE-2015-7837
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
CVE-2015-7837
CVE-2015-7837 affects the Linux kernel as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2. The issue is a security restriction bypass caused by improper handling of the secure_boot flag across a kexec reboot, allowing local users to bypass securelevel/secureboot restrictions. ...
CVE-2015-7837
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
CVE-2015-7837
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secureboot flag across kexec reboot...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...
SUSE-SU-2017:2420-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass Exploit
Exploit for Android platform in category local exploits Sources: https://alephsecurity.com/2017/08/30/untethered-initroot/ https://github.com/alephsecurity/initroot initroot: Motorola Bootloader Kernel Cmdline Injection Secure Boot & Device Locking Bypass CVE-2016-10277 By Roee Hay / Aleph...
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass
Sources: https://alephsecurity.com/2017/08/30/untethered-initroot/ https://github.com/alephsecurity/initroot initroot: Motorola Bootloader Kernel Cmdline Injection Secure Boot & Device Locking Bypass CVE-2016-10277 By Roee Hay / Aleph Research, HCL Technologies Recap of the Vulnerability and the...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3405-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3405-2 advisory. USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu: Security Advisory (USN-3405-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3405-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3405-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3405-1 advisory. It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use...
USN-3405-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message que...
USN-3405-2 linux-lts-xenial vulnerabilities
USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message que...
USN-3405-1: Linux kernel vulnerabilities
It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-11176 Huang Weller discovered that the ext4 filesyste...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20170815)
Security Fixes : - A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotifyhandleevent and vfsrename while running the rename operation against the same file. As a result of the race the next slab data or the slab's free li...
Multiple NXP i.MX products verified to bypass vulnerability
The NXP i.MX 50 and others are different families of microprocessor products from NXP Semiconductors in the Netherlands. A security vulnerability exists in several NXP i.MX products due to the program failing to properly validate certificates. An attacker could use the vulnerability to bypass...