24 matches found
EUVD-2016-9940
Malware in sbrugna...
EUVD-2004-0010
Malware in sbrugna...
EUVD-2015-8858
Malware in sbrugna...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
CVE-2023-5197
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit...
CVE-2022-3577
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigbenprobe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben...
MGASA-2021-0347 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.48 and fixes at least the following security issues: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affects certs/blacklist.c and certs/systemkeyring.c...
SUSE: Security Advisory (SUSE-SU-2014:0775-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2018-10659
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypass access controls on resources...
Integer overflow
An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...
Linux Kernel 4.14.0-rc4+ - 'waitid()' Local Privilege Escalation
define GNUSOURCE include include include include include include include struct cred; struct taskstruct; typedef struct cred preparekernelcredt struct taskstruct daemon attributeregparm3; typedef int commitcredst struct cred new attributeregparm3; preparekernelcredt preparekernelcred; commitcreds...
Yet Another Linux Kernel Privilege-Escalation Bug Discovered
Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab Active-Defense Lab researchers, the Linux kernel vulnerability...
CVE-2017-12146
The driveroverride implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides...
CVE-2017-7308
The packetsetring function in net/packet/afpacket.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service integer signedness error and out-of-bounds write, or gain privileges if the CAPNETRAW capability is held...
Linux Kernel 2.6.x pipe.c Privilege Escalation Exploit
Linux kernel versions 2.6.10 up to but not including 2.6.31.5 pipe.c privilege escalation exploit. / expmoosecox.c Watch a video of the exploit here: http://www.youtube.com/watch?v=jt81NvaOj5Y developed entirely by Ingo Molnar exploit writer extraordinaire! , thanks to Fotis Loukos for pointing t...
CVE-2015-0570
Stack-based buffer overflow in the SETWPSIE IOCTL implementation in wlanhddhostapd.c in the WLAN aka Wi-Fi driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafte...
CVE-2014-9710
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations 1 during an xattr-replacement time...
CVE-2013-2851
Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...
Linux 2.6 Kernel ptrace_attach Privilege Escalation
/ ptraceattach privilege escalation exploit by s0m3b0dy tested on Gentoo 2.6.29rc1 grataz: Tazo, rassta, nukedclx, maciek, D0hannuk, mivus, wacky, nejmo, filo... email: s0m3b0dy1 at gmail.com / include include include include include include include include include include include include include...
CVE-2008-3527
arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects vDSO implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the installspecialmapping,...