Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (MS15-052)

// Source: http://www.binvul.com/viewthread.php?tid=508 // Source: https://twitter.com/NTarakanov/status/598370525132423168 include include include pragma commentlib, "ntdll.lib" int mainint argc, CHAR argv typedef NTSTATUS stdcall NTOPENFILEOUT PHANDLE FileHandle, IN ACCESSMASK DesiredAccess, IN...

Microsoft Windows Kernel Security Feature Bypass Vulnerability (3050514)

This host is missing an important security update according to Microsoft Bulletin MS15-052. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Code injection

The machvmread functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service system crash via unspecified vectors...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2562-1)

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

RHEL 7 : kernel (RHSA-2015:0726)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

kernel security and bug fix update

3.10.0-229.1.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.1.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181177 1179347 CVE-2014-8159 3.10.0-229.1.1 - crypto testmgr: mark rfc4106gcmaes as fipsallowed Jarod Wilson 1197751 1185400 - virt...

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-68 - ttusb-dec: buffer overflow in ioctl Dan Carpenter Orabug: 20673373 CVE-2014-8884 - mm: Fix NULL pointer dereference in madviseMADVWILLNEED support Kirill A. Shutemov Orabug: 20673279 CVE-2014-8173 - netfilter: conntrack: disable generic tracking for known protocols Florian...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

RHEL 6 : kernel (RHSA-2014:2030)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

CVE-2014-8133

arch/x86/kernel/tls.c in the Thread Local Storage TLS implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

OracleVM 2.1 : kernel (OVMSA-2009-0004)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2008-3528 The error-reporting functionality in 1 fs/ext2/dir.c, 2 fs/ext3/dir.c, and possibly 3 fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that...

MGASA-2014-0459 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream -longterm 3.10.58 and fixes the following security issues: The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to 1...

RHEL 5 : kernel (RHSA-2014:0772)

Updated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

RHEL 6 : kernel (RHSA-2014:0432)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2014-3085)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3085 advisory. - USB: whiteheat: Added bounds checking for bulk command response James Forshaw Orabug: 19849335 CVE-2014-3185 - HID: fix a couple of off-by-ones...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel Security (ELSA-2014-3084)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3084 advisory. - USB: whiteheat: Added bounds checking for bulk command response James Forshaw Orabug: 19849334 CVE-2014-3185 - HID: fix a couple of off-by-ones...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...