Lucene search
K

384 matches found

RedHat Linux
RedHat Linux
added 2016/09/15 7:38 a.m.8 views

kernel: compat IPT_SO_SET_REPLACE setsockopt

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...

7.8CVSS7.2AI score0.05676EPSS
Exploits10References4
CNVD
CNVD
added 2016/04/12 12:0 a.m.1 views

Linux kernel 'mark_source_chains()' denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a boundary error in the 'marksourcechains' function in the net/ipv4/netfilter/iptables.c file. When...

8.4CVSS7.6AI score0.01234EPSS
Exploits1References1
exploitpack
exploitpack
added 2016/03/09 12:0 a.m.20 views

Linux Kernel 3.103.18 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption

Linux Kernel 3.103.18 4.4 - Netfilter IPTSOSETREPLACE Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=758 A memory corruption vulnerability exists in the IPTSOSETREPLACE ioctl in the netfilter code for iptables support. This ioctl is can be triggered ...

0.3AI score
Exploits0
0day.today
0day.today
added 2016/03/09 12:0 a.m.162 views

Linux Kernel 3.10 / 3.18 / 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption

Exploit for linux platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=758 A memory corruption vulnerability exists in the IPTSOSETREPLACE ioctl in the netfilter code for iptables support. This ioctl is can be triggered by an unprivileged user...

7.2CVSS8.3AI score0.01234EPSS
Exploits1
exploitpack
exploitpack
added 2016/02/19 12:0 a.m.20 views

AUFS (Ubuntu 15.10) - allow_userns FuseXattr User Namespaces Privilege Escalation

AUFS Ubuntu 15.10 - allowuserns FuseXattr User Namespaces Privilege Escalation Source: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/ Introduction Problem description: Aufs is a union filesystem to mix content of different underlying filesystems, e.g. read-only medi...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/02/19 12:0 a.m.41 views

AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation

Source: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/ Introduction Problem description: Aufs is a union filesystem to mix content of different underlying filesystems, e.g. read-only medium with r/w RAM-fs. That is also allowed in user namespaces when module was...

7.4AI score
Exploits0
OSV
OSV
added 2016/02/08 3:59 a.m.1 views

DEBIAN-CVE-2015-8709

kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor...

7CVSS7.7AI score0.00398EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.67 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2847-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7AI score0.0108EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.51 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2848-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2848-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

8.2CVSS7.2AI score0.0108EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.59 views

Ubuntu 15.04 : linux vulnerabilities (USN-2850-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7AI score0.0108EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.53 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2849-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2849-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

8.2CVSS7.2AI score0.0108EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.17 views

Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2852-1)

Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2015/12/21 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-2854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.0108EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.66 views

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2854-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2854-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...

8.2CVSS7.2AI score0.0108EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2015/12/21 12:0 a.m.284 views

Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7AI score0.0108EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2015/12/20 12:10 p.m.65 views

USN-2854-1: Linux kernel (Vivid HWE) vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7.2AI score0.0108EPSS
Exploits2
OSV
OSV
added 2015/12/20 12:10 p.m.3 views

USN-2854-1 linux-lts-vivid vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7AI score0.0108EPSS
Exploits2References5
Ubuntu
Ubuntu
added 2015/12/20 12:7 p.m.83 views

USN-2853-1: Linux kernel (Wily HWE) vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7.2AI score0.0108EPSS
Exploits2
OSV
OSV
added 2015/12/20 12:7 p.m.1 views

USN-2853-1 linux-lts-wily vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7AI score0.0108EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/12/20 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-2848-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.0108EPSS
Exploits2References3
Rows per page
Query Builder