new packages: keyutils

An update is available for keyutils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

ALBA-2021:4454 keyutils bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

keyutils bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

keyutils bug fix and enhancement update

An update is available for keyutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

Linux Kernel keyctl_set_reqkey_keyring Denial Of Service

/ Source: https://bugzilla.novell.com/showbug.cgi?id=1034862 QA REPRODUCER: gcc -O2 -o CVE-2017-7472 CVE-2017-7472.c -lkeyutils ./CVE-2017-7472 will run the kernel out of memory / include include int main for ;; keyctlsetreqkeykeyringKEYREQKEYDEFLTHREADKEYRING;...

Linux Kernel < 4.10.13 - keyctl_set_reqkey_keyring Local Denial of Service Exploit

Exploit for linux platform in category dos / poc / Source: https://bugzilla.novell.com/showbug.cgi?id=1034862 QA REPRODUCER: gcc -O2 -o CVE-2017-7472 CVE-2017-7472.c -lkeyutils ./CVE-2017-7472 will run the kernel out of memory / include include int main for ;;...

CVE-2016-7914

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

UBUNTU-CVE-2016-7914

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

Linux Kernel REFCOUNT Overflow / Use-After-Free

Exploit Title: Linux kernel REFCOUNT overflow/Use-After-Free in keyrings Date: 19/1/2016 Exploit Author: Perception Point Team CVE : CVE-2016-0728 / CVE-2016-0728 local root exploit modified by Federico Bento to read kernel symbols from /proc/kallsyms props to grsecurity/PaX for preventing this i...

Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (1)

/ Exploit Title: Linux kernel REFCOUNT overflow/Use-After-Free in keyrings Date: 19/1/2016 Exploit Author: Perception Point Team CVE : CVE-2016-0728 / / $ gcc cve20160728.c -o cve20160728 -lkeyutils -Wall / / $ ./cve2016072 PPKEY / / EDB-Note: More information...

ipa security and bug fix update

3.0.0-47.el6 - Resolves: 1220788 - Some IPA schema files are not RFC 4512 compliant 3.0.0-46.el6 - Use tls version range in NSSHTTPS initialization - Resolves: 1154687 - POODLE: force using safe ciphers non-SSLv3 in IPA client and server - Resolves: 1012224 - host certificate not issued to client...

SLES11: Security update for curl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: curl keyutils-libs libcurl4 libidn More details may also be found by searching for the SuSE Enterprise Server 11 patch database located at...

MDVA-2009:025 : keyutils

This update fixes two minor issues with keyutils. request-key was installed in /usr/sbin while the kernel expect it in /sbin directory. keyctl was installed in /usr/bin instead of /bin. This update also add lines to /etc/request-key.conf for cifs.upcall required for krb5 support for mount.cifs...

MDVA-2009:025-1 : keyutils

This update fixes two minor issues with keyutils. request-key was installed in /usr/sbin while the kernel expect it in /sbin directory. keyctl was installed in /usr/bin instead of /bin. This update also add lines to /etc/request-key.conf for cifs.upcall required for krb5 support for mount.cifs...

SUSE: Security Summary (SUSE-SR:2009:005)

The remote host is missing updates announced in advisory SUSE-SR:2009:005. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...