5579 matches found
Debian DLA-316-1 : eglibc security update
Several vulnerabilities have been discovered in eglibc that may lead to a privilege escalation or denial of service. Glibc pointer guarding weakness A weakness in the dynamic loader prior has been found. The issue is that the LDPOINTERGUARD in the environment is not sanitized allowing local...
MGASA-2015-0339 Updated freeimage packages fix security vulnerabilities
Updated freeimage packages fix security vulnerability: FreeImage is vulnerable to an integer overflow in PluginPCX.cpp, making the PCX loader vulnerable to malicious images with a bad window specification CVE-2015-0852. Moreover, FreeImage was built in Mageia against a number of bundled libraries...
RHEL 7 : kernel-rt (RHSA-2015:1565)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1565 advisory. - kernel: netfilter connection tracking extensions denial of service CVE-2014-9715 - kernel: execution in the early microcode loader...
kernel: execution in the early microcode loader
A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel ring0 level, bypassing intended restrictions in place...
kernel: execution in the early microcode loader
A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel ring0 level, bypassing intended restrictions in place...
Google Chrome Blink Security Bypass Vulnerability (CNVD-2015-04879)
Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. A security vulnerability exists in the core/loader/ImageLoader.cpp file in Blink, as used in Google Chrome versions prior to 44.0.2403.89, which...
Design/Logic Flaw
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy CSP restrictions by providing an image from an unintended source...
Bartalex Variants Spotted Dropping Pony, Dyre Malware
Some strains of Bartalex malware, a macro-based malware that first surfaced earlier this year, have recently been spotted dropping Pony loader malware and the Dyre banking Trojan. Primarily spread through spam, the first iterations of Bartalex were observed in late March embedded in Microsoft Wor...
Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation
Linux Kernel PonyOS 3.0 - ELF Loader Local Privilege Escalation Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested...
Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation
Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested on: 3.0 CVE : N/A Source:...
[USN-2590-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2590-1 April 30, 2015 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu: Security Advisory (USN-2589-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2588-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2588-1 advisory. A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2589-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2589-1 advisory. Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest use...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2587-1)
A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...
Ubuntu 14.10 : linux vulnerabilities (USN-2590-1)
Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...
USN-2590-1: Linux kernel vulnerabilities
Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...
USN-2589-1: Linux kernel (Utopic HWE) vulnerabilities
Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...
USN-2588-1: Linux kernel vulnerabilities
A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...
USN-2588-1 linux vulnerabilities
A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...