1244 matches found
UBUNTU-CVE-2012-6703
Integer overflow in the sndcomprallocatebuffer function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact via a crafted...
DEBIAN-CVE-2016-3713
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
kernel security, bug fix, and enhancement update
2.6.32-642 - scsi fc: revert - ensure scanwork isnt active when freeing fcrport Ewan Milne 1326447 - netdrv ixgbe: Update ixgbe driver to use netdevpicktx in ixgbeselectqueue John Greene 1310749 - netdrv mlx5e: Fix adding vlan rule with vid zero twice Kamal Heib 1322809 2.6.32-641 - netdrv ixgbe:...
Linux 内核通过 BPF 系统调用提权漏洞
漏洞概要 4 月 27 日有安全研究人员在 bugs.chromium.org 站点提交了本地提权高 危漏洞。 Linux 内核版本大于等于 4.4 时,当内核编译了 CONFIGBPFSYSCALL 并 且 sysctl 中的 kernel.unprivilegedbpfdisabled 没有明确设置为 1 时,无特 权的代码可以使用 bpf 系统调用加载 eBPF socket 过滤程序,从而达到系统提 权的⺫的,而前面的两个条件在最新的 Linux 发行版 Ubuntu 16.04 桌面版和 服务器版本均满足,经过测试 Kali Rolling 发行版 内核 4.4.0...
DEBIAN-CVE-2015-8746
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...
Linux kernel ati_remote2 Driver Component Denial of Service Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the U.S. The atiremote2 Driver is one of the graphics card driver components. A denial of service vulnerability exists in the atiremote2 Driver component of Linux kernel version...
Apple Intel HD 3000 Graphics driver 10.0.0 - Privilege Escalation
Exploit for macOS platform in category local exploits / ░▀█▀░█▀█░█░░░█▀█░█▀▀░░░█░█░█░█░█░░░█▀█░█▀▄░█▀▀░█░█░ ░░█░░█▀█░█░░░█░█░▀▀█░░░▀▄▀░█░█░█░░░█░█░█░█░█▀▀░▀▄▀░ ░░▀░░▀░▀░▀▀▀░▀▀▀░▀▀▀░░░░▀░░▀▀▀░▀▀▀░▀░▀░▀▀░░▀▀▀░░▀░░ T A L O S V U L N D E V Proof-of-Concept Exploit Advisory:...
Apple Intel HD 3000 Graphics Driver 10.0.0 - Local Privilege Escalation
Apple Intel HD 3000 Graphics Driver 10.0.0 - Local Privilege Escalation / ░▀█▀░█▀█░█░░░█▀█░█▀▀░░░█░█░█░█░█░░░█▀█░█▀▄░█▀▀░█░█░ ░░█░░█▀█░█░░░█░█░▀▀█░░░▀▄▀░█░█░█░░░█░█░█░█░█▀▀░▀▄▀░ ░░▀░░▀░▀░▀▀▀░▀▀▀░▀▀▀░░░░▀░░▀▀▀░▀▀▀░▀░▀░▀▀░░▀▀▀░░▀░░ T A L O S V U L N D E V Proof-of-Concept Exploit Advisory:...
Android Security Advisory — 2016-03-18Stay organized with collectionsSave and categorize content based on your preferences.
Android Security Advisories are supplemental to the Nexus Security Bulletins. Refer to our summary page for more information about Security Advisories. Summary Google has become aware of a rooting application using an unpatched local elevation of privilege vulnerability in the kernel on some...
Two kind of vulnerabilities, you can make a billion Android phone is to obtain Root permissions-bug warning-the black bar safety net
Trend Micro reported that billions of Android device on the discovered vulnerabilities, an attacker by a simple operation to obtain root access. Currently on the market most of the smart devices are using the Qualcomm Snapdragon SoCs system chip, according to the company's official website...
SUSE-SU-2016:0585-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.53 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2013-7446: Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel allowed local users to bypass intended AFUNIX socket permissions ...
PT-2016-4999 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.5 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reductio...
Th3 MMA mma.php Backdoor Arbitrary File Upload Exploit
Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 'Th3 MMA mma.php Backdoor Arbitrary File Upload', 'Descriptio...
Th3 MMA mma.php Backdoor Arbitrary File Upload
This module exploits Th3 MMA mma.php Backdoor which allows an arbitrary file upload that leads to arbitrary code execution. This backdoor also echoes the Linux kernel version or operating system version because of the phpuname function. This module requires Metasploit:...
Linux kernel buffer overflow vulnerability (CNVD-2015-06888)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability in the 'sctpinit' function in the net/sctp/protocol.c file in Linux kernel versions 4.2.2 and earlier stems from the presence of a failure to correctl...
UBUNTU-CVE-2015-5257
drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue...
Amazon Linux: Security Advisory (ALAS-2013-252)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2015-6383 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.0.5 Description: The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted packet, related to the oz usb rx and oz usb handle ep data functions. This is due...
Vulnerabilities of the Red Hat Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the kernel-2.2.17 component of the Red Hat Linux operating system. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality of protected information
The Linux-image-2.6.18-4-686 operating system from Debian GNU/Linux has multiple vulnerabilities that, if exploited, may lead to a violation of the confidentiality of protected information. These vulnerabilities can be exploited remotely...