Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2798-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2798-1 advisory. It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2794-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2794-1 advisory. It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2797-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2797-1 advisory. It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route...

USN-2796-1: Linux kernel (OMAP4) vulnerabilities

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...

USN-2795-1: Linux kernel (Trusty HWE) vulnerabilities

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

Linux kernel 'drivers/usb/serial/whiteheat.c' denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel. A local attacker could exploit this vulnerability to cause a denial of service by crashing or rebooting the...

Oracle: Security Advisory (ELSA-2008-0885)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-5257

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue...

PT-2015-6820 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2.4 Description: The issue allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a crafted USB device. This is due t...

Huawei UAP2105 Command Injection Vulnerability

The Huawei UAP2105 is a home-based WCDMA wireless network access device. The Huawei UAP2105 suffers from a command injection vulnerability that allows local attackers to execute VxWorks debugging commands via a serial port access shell to view and modify memory and files, resulting in information...

Debian DSA-3348-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3214 Matt Tait of Google's Project Zero security team discovered a flaw in the QEMU i8254 PIT emulation. A privileged guest user in a guest with QEMU PIT emulation enabled could potentially use this flaw to...

Debian DSA-3349-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read...

[SECURITY] [DSA 3348-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3348-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 02, 2015 https://www.debian.org/security/faq -...

Security Advisory - No Authentication Vulnerability on the Serial Port of the UAP2105

The UAP2105 serves as a radio access device in the uBro solutions. As one of the AP series products developed on the basis of 3GPP R99/R4/R5/R6 FDD, the UAP2105 complies with the R8 HNB standard and provides Small Office and Home Office SOHO and home users with improved indoor coverage. With the...

Fedora 21 : qemu-2.1.3-9.fc21 (2015-13404)

Fix crash in qemuspicecreatedisplay bz 1163047 CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 CVE-2015-3214: i8254: out-of-bounds memory access bz 1243728 CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access bz 1247141 CVE-2015-5745: buffer overflow...

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2724-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2724-1 advisory. It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this iss...

USN-2724-1 qemu, qemu-kvm vulnerabilities

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...

Samsung smart Refrigerator presence of the vulnerability can lead to Gmail credentials theft-vulnerability warning-the black bar safety net

The recent Internet of things and new security issues, this time security researchers from the Samsung smart fridge to extract the Gmail authentication information. The middleman steal authentication At the recent DEFCON hacking conference, hackers have made a through the middle attack to steal t...

QEMU 'virtio-serial-bus.c' Buffer Overflow Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A local buffer overflow vulnerability exists in QEMU, which can be exploited by an attacker to execute arbitrary code in an affected application or cause a denial of...

Microsoft Windows Mount Manager Local Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Mount Manager is one of the mounter components. A local elevation of privilege vulnerability exists in Microsoft Windows Mount Manager, which can be exploited by an attacker to write a malicious binar...