757 matches found
CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...
CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...
CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...
CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...
CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...
Diamorphine - LKM Rootkit for Linux Kernels 2.6.x/3.x/4.x
Diamorphine is a LKM rootkit for Linux Kernels 2.6.x/3.x/4.x Features When loaded, the module starts invisible; Hide/unhide any process by sending a signal 31; Sending a signal 63to any pid makes the module become invisible; Sending a signal 64to any pid makes the given user become root; Files or...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2864-1)
This update for xen fixes several issues: These security issues were fixed : - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host...
CVE-2017-1000253
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...
CentOS 7 before 1708 PIE/stack corruption Vulnerability
Exploit for linux platform in category remote exploits Linux PIE/stack corruption CVE-2017-1000253 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation Acknowledgmen...
CVE-2017-1000253
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...
CVE-2017-1000253
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...
Linux Local Privilege Escalation Vulnerability
A Linux PIE/stack corruption vulnerability exists. Most notably, all versions of CentOS 7 before 1708 released on September 13, 2017, all versions of Red Hat Enterprise Linux 7 before 7.4 released on August 1, 2017, and all versions of CentOS 6 and Red Hat Enterprise Linux 6 are exploitable. Linu...
CVE-2015-5327
Out-of-bounds memory read in the x509decodetime function in x509certparser.c in Linux kernels 4.3-rc1 and after...
UBUNTU-CVE-2015-5327
Out-of-bounds memory read in the x509decodetime function in x509certparser.c in Linux kernels 4.3-rc1 and after...
CVE-2015-5327
CVE-2015-5327 affects the Linux kernel (4.3-rc1 and later); the flaw is an out-of-bounds memory read in x509_decode_time within x509_cert_parser.c. Impact is partially confidentiality (per CVSS2) and high confidentiality (per CVSS3); the issue is fixed by kernel patches (as noted in referenced ad...
DEBIAN-CVE-2017-9725
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail...
Kernel security update: CVE-2017-7542 and other; Virtuozzo ReadyKernel patch 27.0 for Virtuozzo 7.0.5
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-514.26.1.vz7.33.22 Virtuozzo 7.0.5. Vulnerability id: CVE-2017-7542 Integer overflow vulnerability in ip6find1stfragopt function was found. Local attacker that h...
CVE-2017-7541
Kernel memory corruption due to a buffer overflow was found in brcmfcfg80211mgmttx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211CMDFRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace...
CVE-2017-9986
The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "doub...
CVE-2017-0633
An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious component to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...