UBUNTU-CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

CVE-2016-7389

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...

UBUNTU-CVE-2016-7389

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...

USN-4068-2 linux-hwe, linux-gcp vulnerabilities

USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kern...

Linux/x86_64 - Wget Linux Enumeration Script Shellcode (155 Bytes)

/ LinEnum Linux Enumeration Wget & CHMOD & Run Shellcode Language C & ASM - Linux/x8664 author : Kağan Çapar contact: email protected shellcode len : 155 bytes compilation: gcc -o shellcode shellcode.c test: run ./shellcode description: First, the linenum script is via github with wget command...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4068-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4068-1 advisory. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A...

The vulnerability of the arch/powerpc/mm/mmu_context_book3s64.c component of the Linux operating system allows a attacker to access memory contents or cause memory corruption in other processes within the system.

The vulnerability of the arch/powerpc/mm/mmucontextbook3s64.c component of the Linux operating system’s kernel a PowerPC microprocessor-based RISC architecture arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to access...

Linux/ARM64 - mmap() + read() stager + execve("/bin/sh", NULL, NULL) Shellcode (60 Bytes

/ Title: Linux/ARM64 - mmap + read stager + execve"/bin/sh", NULL, NULL Shellcode 60 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description:...

CVE-2019-13049

An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARUSYSFUNCMMAP, leading to escalation of privileges...

PT-2019-13096 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 1.10.10 Description: The issue is related to an integer wrap in the kernel/sys/syscall.c file, which allows users to map arbitrary kernel pages into userland process space via the TOARU SYS FUNC MMAP function, leading to...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

DEBIAN-CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

UBUNTU-CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms

A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits...

kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms

A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits...

Ubuntu 16.04 LTS : AppArmor update (USN-4008-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4008-2 advisory. USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the...

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. This exists in the resvmaprelease function in mm/hugetlb.c which allows local users to crash the system via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1510)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can caus...

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service DoS. The vulnerability exists as mm/shmem.c allows local users to cause a DoS through the mmap system call...