USN-3797-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3797-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband...

USN-3797-1: Linux kernel vulnerabilities

Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service system crash. CVE-2018-14734 It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kerne...

Apple iOS / macOS - Kernel Memory Corruption due to Integer Overflow Exploit

Exploit for multiple platform in category dos / poc...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2018-4242)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4242 advisory. - cdrom: Fix info leak/OOB read in cdromioctldrivestatus Scott Bauer Orabug: 28664499 CVE-2018-16658 - ACPICA: acpi: acpica: fix acpi operand cache lea...

Linux kernel information disclosure vulnerability (CNVD-2018-20690)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the callers of the 'showopcodes' function in the Linux kernel, which stems from a lack of address detection in the...

Immunity Canvas: DMESG_LEAK

Name| dmesgleak ---|--- CVE| CVE-2018-14656 Exploit Pack| CANVAS Description| dmesgleak Notes| CVE Name: CVE-2018-14656 NOTES: This module gives an unpriviledged user the ability to dump a file from the kernel memory. A common scenario is to dump the /etc/shadow or kerberos tickets. Note: This on...

CVE-2018-14656

A missing address check in the callers of the showopcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-13093: Prevent NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. Th...

EulerOS Virtualization 2.5.1 : kernel (EulerOS-SA-2018-1256)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4214)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4214 advisory. - x86/speculation/l1tf: Fix overflow in l1tfpfnlimit on 32bit Vlastimil Babka Orabug: 28505519 CVE-2018-3620 - x86/speculation/l1tf: Exempt zeroed...

CVE-2018-16948

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSC...

UBUNTU-CVE-2018-16948

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSC...

DEBIAN-CVE-2018-16948

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSC...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3762-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3762-1 advisory. It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to...

CVE-2018-16658

An information leak was discovered in the Linux kernel in cdromioctldrivestatus function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location...

CVE-2018-16658

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940...

CVE-2018-16658

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940...

CVE-2018-14625

A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AFVSOCK protocol to gather a 4 byte information leak or possibly impersonate AFVSOCK messages...

Kernel: hw: cpu: L1 terminal fault (L1TF)

Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...

Kernel: hw: cpu: L1 terminal fault (L1TF)

Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...