CVE-2014-8476

Removed by vendor...

Debian Security Advisory DSA 3070-1 (kfreebsd-9 - security update)

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure. CVE-2014-3711 Denial of service through memory leak in sandboxed namei lookups. CVE-2014-3952 Kernel memory disclosure in sockbuf control messages. CVE-2014-3953 Kern...

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-4113 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Exchange Server 2003 SP2 Microsoft Windows 7 for 32-bi...

Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking

It was found that the trytounmapcluster function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUGON macro in the mlockvmapage function. A local, unprivileged user could use this flaw to crash the system...

kernel: DoS with syscall auditing

An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system...

CVE-2014-4407

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls...

kernel: DoS with syscall auditing

An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Ubuntu: Security Advisory (USN-2336-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3070 advisory. - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404229 CVE-2014-0181 - sctp: Fix skackbacklog...

USN-2314-1 linux vulnerability

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS...

kernel: s390: ptrace: insufficient sanitization when setting psw mask

It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word PSW was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read...

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

UBUNTU-CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

MQAC.sys Arbitrary Write Privilege Escalation

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'MQAC.sys Arbitrary Write Privilege Escalation', 'Description' = %q A vulnerability within the MQAC.sys module allows an...

Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'MQAC.sys Arbitrary Write Privilege Escalation', 'Description' = %q A vulnerability within the MQAC.sys module allows an...

MQAC.sys Arbitrary Write Privilege Escalation Exploit

A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This Metasploit module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process. This module requires Metasploit: http//metasploit.com/download Current...

kernel: aio: insufficient sanitization of head in aio_read_events_ring()

Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...