Ubuntu: Security Advisory (USN-5135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5135-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service memory exhaustion...

USN-5120-1: Linux kernel (Azure) vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

USN-5117-1: Linux kernel (OEM) vulnerabilities

It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAPSYSADMIN could use this to cause a denial of service. CVE-2021-3739 It was discovered that the Qualcomm IPC Router protocol implementation in the Linux...

USN-5115-1: Linux kernel (OEM) vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3503)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3503 advisory. - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22250043 CVE-2015-7613 - Initialize msg/shm IPC objects befo...

Oracle Linux 7 : kernel (ELSA-2015-2152)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2152 advisory. - kernel Initialize msg/shm IPC objects before doing ipcaddid Lennert Buytenhek 1271507 CVE-2015-7613 - fs vfs: Test for and handle paths that are...

kernel: Unauthorized access to IPC objects with SysV shm

A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to...

DEBIAN-CVE-2015-7613

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c...

Debian DSA-3372-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, unauthorised information disclosure or unauthorised information modification. - CVE-2015-2925 Jann Horn discovered that when a subdirectory of a filesystem was bind-mounted...

PT-2015-7572 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.2.3 Description: A race condition exists in the IPC object implementation, allowing local users to gain privileges. This occurs when an ipc addid call is triggered, leading to comparisons of uid and gid against...