Ubuntu 13.04 : linux vulnerabilities (USN-1974-1)

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...

Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1971-1)

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...

USN-1974-1: Linux kernel vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...

USN-1971-1: Linux kernel (Raring HWE) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...

DEBIAN-CVE-2013-4205

Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory consumption via an invalid CLONENEWUSER unshare call...

UBUNTU-CVE-2013-4205

Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory consumption via an invalid CLONENEWUSER unshare call...

Linux Kernel 3.8.x - open-time Capability file_ns_capable() Local Privilege Escalation

Linux Kernel 3.8.x - open-time Capability filenscapable Local Privilege Escalation / usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include...

Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Local Privilege Escalation

/ usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include include include include include include include include include ifndef CLONENEWUSER...

DEBIAN-CVE-2013-1959

kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...

Design/Logic Flaw

kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...

CVE-2013-1959

kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...

UBUNTU-CVE-2013-1959

kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...

DEBIAN-CVE-2013-1958

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval durin...

CVE-2013-1956

The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...

Design/Logic Flaw

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval durin...

CVE-2013-1958

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval durin...