Ubuntu 12.04 LTS : linux vulnerability (USN-1992-1)

An information leak was discovered in the Linux kernel when reading broadcast messages from the notifypolicy interface of the IPSec keysocket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. Note that Tenable Network Security has extracted the...

Ubuntu: Security Advisory (USN-1972-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1973-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.10 : linux vulnerabilities (USN-1972-1)

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

RHEL 5 : kernel (RHSA-2013:1292)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Design/Logic Flaw

The sendfile system-call implementation in sys/kern/uipcsyscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information kernel memory via a length greater than the length of the file...

Kernel: fanotify: info leak in copy_event_to_user

The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...

Kernel: information leak in cdrom driver

The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...

Kernel: cpqarray/cciss: information leak via ioctl

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

Kernel: signal: information leak in tkill/tgkill

The dotkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a 1 tkill or 2 tgkill system call...

Kernel: net: af_key: initialize satype in key_notify_policy_flush

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

DEBIAN-CVE-2013-2895

drivers/hid/hid-logitech-dj.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDLOGITECHDJ is enabled, allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or obtain sensitive information from kernel memory...

UBUNTU-CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDSENSORHUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device...

FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:11.sendfile Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sendfile2 Category: core Module: sendfile Announced: 2013-09-10 Credits: E...

PT-2013-3097 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: Elevation of privilege issues exist due to the Windows kernel-mode driver's improper handling of objects in memory. An attacker who successfully exploits these issues could gain elevated...

MS Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

This host is missing an important security update according to Microsoft Bulletin MS13-076. OpenVAS Vulnerability Test $Id: secpodms13-076.nasl 6104 2017-05-11 09:03:48Z teissa $ MS Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2876315 Authors: Antu Sanadi Copyright: Copyright c...

PT-2013-4700 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 and R2 SP1 Windows 7 version SP1 Windows 8 Windows Server 2012 Windows RT Description: An issue exists in the Windows...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

This host is missing an important security update according to Microsoft Bulletin MS13-076. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD-SA-13:11.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:11.sendfile Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sendfile2 Category: core Module: sendfile Announced: 2013-09-10 Credits: E...

Amazon Linux AMI : systemtap (ALAS-2012-54)

An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory...