kernel: Null pointer dereference via keyctl

A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory denial of service by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key...

UBUNTU-CVE-2018-11232

The etmsetupaux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service panic because a parameter is incorrectly used as a local variable...

CVE-2018-8060

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. Th...

Design/Logic Flaw

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. Th...

CVE-2018-8060

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. Th...

Kernel panic error is seen when trying to deploy the OVA file for XenMobile Server on VMware

You receive an error similar to the following one when trying to deploy the OVA file for XenMobile Server installation on to VMware: VFS: Cannot open root device "sda3" or unknown-block0,0: error -6Please append a correct "root=" boot option: here are the available partitions:Kernel panic - not...

Vulnerability of the setup_ntlmv2_rsp() function (fs/cifs/cifsencrypt.c) in the Linux kernel, allowing a hacker to trigger a service denial

The vulnerability of the setupntlmv2rsp function fs/cifs/cifsencrypt.c in the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a kernel panic on the vulnerable system when it connects to a CIFS Common...

kernel: Null pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() when empty TargetInfo is returned in NTLMSSP setup negotiation response allowing to crash client's kernel

A flaw was found in the Linux kernel's client-side implementation of the cifs protocol. This flaw allows an attacker controlling the server to kernel panic a client which has the CIFS server mounted...

Memory corruption

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling...

CVE-2017-1081

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling...

CVE-2017-1081

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling...

CVE-2017-1081

Removed by vendor...

CVE-2017-1081

CVE-2017-1081 affects FreeBSD: ipfilter (ipfilter(4)) processing of packet fragments when using keep state or keep frags can trigger a kernel panic in certain older builds (FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, 10.3-RELEASE-p19). The root cause is incorrect memory handling in...

CVE-2017-1081

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling...

kernel: Incorrect updates of uninstantiated keys crash the kernel

A vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic, leading to denial of service DoS...

SUSE-SU-2018:0834-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of...

FreeBSD-SA-18:01.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:01.ipsec REVISED Security Advisory The FreeBSD Project Topic: ipsec validation and use-after-free Category: core Module: ipsec Announced: 2018-03-07 Credits:...

FreeBSD -- ipsec validation and use-after-free

Problem Description: Due to a lack of strict checking, an attacker from a trusted host can send a specially constructed IP packet that may lead to a system crash. Additionally, a use-after-free vulnerability in the AH handling code could cause unpredictable results. Impact: Access to out of bound...

Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic Exploit

Exploit for macOS platform in category dos / poc / flowdivert-heap-overflow.c Brandon Azad CVE-2016-1827: Kernel heap overflow in the function flowdiverthandleappmapcreate on OS X and iOS. Exploitation requires root privileges. The vulnerability was patched in OS X El Capitan 10.11.5 and iOS 9.3....

Sony Playstation 4 (PS4) - NamedObj Kernel Exploit Overview Vulnerability

Exploit for hardware platform in category dos / poc Introduction So fail0verflow released a writeup today on the namedobj exploit. I and a few others have had this exploit for some time but did not release as we received help indirectly from f0f, so it was not entirely ours to release. Now that i...