Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

USN-2282-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...

Privilege escalation

FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a 1 SCTPSNDRCV, 2 SCTPEXTRCV, or 3 SCTPRCVINFO SCTP cmsg or a 4 SCTPPEERADDRCHANGE, 5...

CVE-2014-3952

CVE-2014-3952 is a local kernel memory disclosure in FreeBSD-related kernels. The vulnerability stems from improper initialization of the buffer between the control message header and data for sockbuf control messages, allowing an unprivileged local process to read kernel memory. Affected: FreeBS...

CVE-2014-3953

FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a 1 SCTPSNDRCV, 2 SCTPEXTRCV, or 3 SCTPRCVINFO SCTP cmsg or a 4 SCTPPEERADDRCHANGE, 5...

CVE-2014-3952

Removed by vendor...

FreeBSD Security Advisory FreeBSD-SA-14:17.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:17.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in control messages and SCTP notifications Category: core Module: kern, sctp...

DLA-0015-1 linux-2.6 - security update

Bulletin has no description...

FreeBSD-SA-14:17.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:17.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in control messages and SCTP notifications Category: core Module: kern, sctp...

DEBIAN-CVE-2014-4652

Race condition in the tlv handler functionality in the sndctlelemusertlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access...

CVE-2014-4653

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service use-after-free and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

Race condition

Race condition in the tlv handler functionality in the sndctlelemusertlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access...

Double free

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service use-after-free and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

CVE-2014-4653

Summary (CVE-2014-4653) : The ALSA control implementation in the Linux kernel has a race/lock handling issue in sound/core/control.c. It does not ensure possession of a read/write lock, enabling a local attacker to trigger a denial of service (use-after-free) and to potentially read kernel memory...

CVE-2014-4653

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service use-after-free and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

UBUNTU-CVE-2014-4652

Race condition in the tlv handler functionality in the sndctlelemusertlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access...

CVE-2014-1372

Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call...

Memory corruption

Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call...

CVE-2014-1372

Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call...

Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC

No description provided by source. / xnu-profil-leak.c Copyright c 2008 by [email protected] Apple MACOS X xnu = 1228.3.13 local kernel memory leak/DoS POC by mu-b - Sat 16 Feb 2008 - Tested on: Apple MACOS X 10.5.1 xnu-1228.0.21/RELEASEI386 Apple MACOS X 10.5.2 xnu-1228.3.131/RELEASEI386 -...