192 matches found
GSD-2021-1000062 ext4: fix check to prevent false positive report of incorrect used inodes
ext4: fix check to prevent false positive report of incorrect used inodes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit...
GSD-2021-1000199 usb: dwc3: gadget: Free gadget structure only after freeing endpoints
usb: dwc3: gadget: Free gadget structure only after freeing endpoints This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.5 by commit...
CVE-2019-19814
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...
Low: Red Hat Security Advisory: kernel-alt security and bug fix update
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
/ EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation. EDB Note: poc-exploit.c / / poc-exploit.c for CVE-2018-14634 Copyright C 2018 Qualys, Inc. This program is free software: you can redistribute it and/or modify it...
Important: Red Hat Security Advisory: kernel-alt security and bug fix update
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Moderate: Red Hat Enhancement Advisory: new packages: kernel-alt
New kernel-alt packages are now available for Red Hat Enterprise Linux 7. The kernel-alt packages provide the Linux kernel version 4.11.0. This enhancement update adds the kernel-alt packages to Red Hat Enterprise Linux 7 for ARM and for IBM Power LE POWER9. For detailed information on changes in...
How to check Xenmobile Server Kernel version
How to check kernel Linux version for XenMobile server...
CVE-2017-1000379
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...
Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa
Exploit for linux platform in category local exploits // EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s Will automatically do "echo 0 /proc/sys/vm/dirtywritebackcentisecs" // //...
Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa
Exploit for linux platform in category local exploits // EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s Will automatically do "echo 0 /proc/sys/vm/dirtywritebackcentisecs" // //...
Linux 内核通过 BPF 系统调用提权漏洞
漏洞概要 4 月 27 日有安全研究人员在 bugs.chromium.org 站点提交了本地提权高 危漏洞。 Linux 内核版本大于等于 4.4 时,当内核编译了 CONFIGBPFSYSCALL 并 且 sysctl 中的 kernel.unprivilegedbpfdisabled 没有明确设置为 1 时,无特 权的代码可以使用 bpf 系统调用加载 eBPF socket 过滤程序,从而达到系统提 权的⺫的,而前面的两个条件在最新的 Linux 发行版 Ubuntu 16.04 桌面版和 服务器版本均满足,经过测试 Kali Rolling 发行版 内核 4.4.0...
Android Security Advisory — 2016-03-18Stay organized with collectionsSave and categorize content based on your preferences.
Android Security Advisories are supplemental to the Nexus Security Bulletins. Refer to our summary page for more information about Security Advisories. Summary Google has become aware of a rooting application using an unpatched local elevation of privilege vulnerability in the kernel on some...
PT-2016-4999 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.5 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reductio...
Th3 MMA mma.php Backdoor Arbitrary File Upload Exploit
Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 'Th3 MMA mma.php Backdoor Arbitrary File Upload', 'Descriptio...
Th3 MMA mma.php Backdoor Arbitrary File Upload
This module exploits Th3 MMA mma.php Backdoor which allows an arbitrary file upload that leads to arbitrary code execution. This backdoor also echoes the Linux kernel version or operating system version because of the phpuname function. This module requires Metasploit:...
CVE-2014-7283
The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...
Linux Kernel <= 2.6.37 - Local Privilege Escalation
No description provided by source. / Linux Kernel = 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which were discovered by Nelson Elhage: CVE-2010-4258...
Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation
No description provided by source. / binfmtelf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...