13 matches found
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
CVE-2017-5123
CVE-2017-5123 is a Linux kernel local privilege-escalation vulnerability in the waitid path. The waitid handler in kernel/exit.c writes to user memory by calling unsafe_put_user without performing an access_ok() check, and without wrapping user-space writes in the required user_access_begin()/use...
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
Fedora 27 : kernel (2017-aa9927961f)
The 4.13.8 update contains a number of important fixes across the tree. ---- The 4.13.6 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Fedora Update for kernel FEDORA-2017-cafcdbdde5
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : kernel (2017-c110ac0eb1)
The 4.13.8 update contains a number of important fixes across the tree. ---- The 4.13.6 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenab...
Fedora 25 : kernel (2017-cafcdbdde5)
The 4.13.8 update contains a number of important fixes across the tree. ---- The 4.13.6 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenab...
Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation(CVE-2017-5123)
This is a guest post by a young and talented Portuguese exploiter, Federico Bento. He won this year’s Pwnie for Epic Achievement exploiting TIOCSTI ioctl. Days ago he posted a video demonstrating an exploit for CVE-2017-5123 and luckly for you I managed to convince him to do a write-up about it. ...
[ASA-201710-24] linux-zen: privilege escalation
Arch Linux Security Advisory ASA-201710-24 ========================================== Severity: High Date : 2017-10-16 CVE-ID : CVE-2017-5123 Package : linux-zen Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-445 Summary ======= The package linux-zen before...
CVE-2017-5123
The waitid implementation in upstream kernels did not restrict the target destination to copy information results. This can allow local users to write to otherwise protected kernel memory, which can lead to privilege escalation...
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...