Sony Playstation 4 (PS4) - NamedObj Kernel Exploit Overview Vulnerability

Exploit for hardware platform in category dos / poc Introduction So fail0verflow released a writeup today on the namedobj exploit. I and a few others have had this exploit for some time but did not release as we received help indirectly from f0f, so it was not entirely ours to release. Now that i...

Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic Exploit

Exploit for macOS platform in category dos / poc / flowdivert-heap-overflow.c Brandon Azad CVE-2016-1827: Kernel heap overflow in the function flowdiverthandleappmapcreate on OS X and iOS. Exploitation requires root privileges. The vulnerability was patched in OS X El Capitan 10.11.5 and iOS 9.3....

DEBIAN-CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

Null pointer dereference

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

CVE-2018-1066

CVE-2018-1066 affects the Linux kernel prior to 4.11, where a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() can cause a kernel panic on clients mounting a CIFS server, due to mishandling of an empty TargetInfo field in NTLMSSP during session recovery. Connected documents co...

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

UBUNTU-CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

kernel security update

2.6.18-419.0.0.0.8 - Backport CVEs to RHCK/OL5 orabug 27547712 CVE-2017-5753 CVE-2017-5754 - 2.6.18-419.0.0.0.5 - fs fix kernel panic on boot on ia64 guests Honglei Wang orabug 26934100...

CVE-2017-18079

A flaw was found in the Linux kernel's implementation of i8042 serial ports. An attacker could cause a kernel panic if they are able to add and remove devices as the module is loaded...

kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation

A flaw was found in the Linux kernel's implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assocarrayapplyedit due to incorrect node-splitting in assocarray...

kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation

A flaw was found in the Linux kernel's implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assocarrayapplyedit due to incorrect node-splitting in assocarray...

kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation

A flaw was found in the Linux kernel's implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assocarrayapplyedit due to incorrect node-splitting in assocarray...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update provides the upstream 4.4.111 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...

CVE-2017-1000407

CVE-2017-1000407 affects the Linux kernel when built with KVM support, where an attacker can flood the diagnostic port 0x80 and trigger a kernel crash. Root cause: improper validation of user-supplied input at the diagnostic port, enabling denial of service via port flooding. Impact per public ad...

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...

UBUNTU-CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...