CVE-2021-47299 xdp, net: Fix use-after-free in bpf_xdp_link_release

In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpfxdplinkrelease The problem occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. Then xdp link will not be detached automatically when dev is released. But...

SUSE CVE-2004-1074

The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service kernel oops via a malformed a.out binary...

Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-4008-3)

USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space...

Ubuntu: Security Advisory (USN-4008-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4008-2 apparmor update

USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missi...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4008-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4008-1 advisory. Robert wicki discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid elf binaries. ...

Ubuntu: Security Advisory (USN-4007-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerability (USN-4007-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4007-2 advisory. USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE...

Ubuntu: Security Advisory (USN-4007-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4007-2: Linux kernel (HWE) vulnerability

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address...

USN-4007-2 linux-aws-hwe, linux-hwe, linux-oracle vulnerability

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address...

USN-4006-2 linux-hwe vulnerability

USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space...

USN-4008-1: Linux kernel vulnerabilities

Robert Święcki discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. CVE-2019-11190 It was...

USN-4007-1 linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

USN-4006-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist because installexeccreds is called too late in loadaoutbinary in fs/binfmtaout.c, and thus the ptracemayaccess check has a race condition...

ASAN/SUID - Local Privilege Escalation

!/bin/bash unsanitary.sh - ASAN/SUID Local Root Exploit Exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. Uses an overwrite of /etc/ld.so.preload to get root on a vulnerable system. Supply your own targe...

Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit

No description provided by source. / Author: h00lyshit Vulnerable: Linux 2.6 ALL Type of Vulnerability: Local Race Tested On : various distros Vendor Status: unknown Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or sprea...

Debian DSA-1070-1 : kernel-source-2.4.19 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-57-1)

Paul Starzetz discovered a race condition in the ELF library and a.out binary format loaders, which can be locally exploited in several different ways to gain root privileges. CAN-2004-1235 Liang Bin found a design flaw in the capability module. After this module was loaded on demand in a running...