CVE-2016-7389

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3635)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3635 advisory. - sched: panic on corrupted stack end Jann Horn Orabug: 24971921 CVE-2016-1583 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug:...

Linux Kernel 2.6.22 3.9 - Dirty COW PTRACE_POKEDATA Race Condition (Write Access Method)

Linux Kernel 2.6.22 3.9 - Dirty COW PTRACEPOKEDATA Race Condition Write Access Method // $ echo pikachu|sudo tee pokeball;ls -l pokeball;gcc -pthread pokemon.c -o d;./d pokeball miltank;cat pokeball include //// pikachu include //// -rw-r--r-- 1 root root 8 Apr 4 12:34 pokeball include ////...

DirtyCow Linux Kernel Race Condition Exploit

Exploit for linux platform in category local exploits / dirtyc0w.c $ sudo -s echo this is not a test foo chmod 0404 foo $ ls -lah foo -r-----r-- 1 root root 19 Oct 20 15:23 foo $ cat foo this is not a test $ gcc -lpthread dirtyc0w.c -o dirtyc0w $ ./dirtyc0w foo m00000000000000000 mmap 56123000...

Internet Bug Bounty: Information disclosure in mmap module - python 2.7.12

First thing first, the report was sent to python's security mailing list on the 27.8.16 and was fixed by benjamin on the 5.10.16 rev 144f10202076, and acknowledged be me today 8.10.16. In a security audit I made to the mmap module in python 2.7.12, I have found a major information leak...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2105-1)

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.62 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2014-9904: The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel did not properly check fo...

Security update for the Linux Kernel (important)

The openSUSE 13.1 kernel was updated to 3.12.62 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9904: The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer...

Security update for the Linux Kernel (important)

The openSUSE 13.2 kernel was updated to fix various bugs and security issues. The following security bugs were fixed: - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and...

Linux kernel in a recursive exploit-vulnerability warning-the black bar safety net

6 on 1 Number, I have submitted a linux kernel in any recursion vulnerability. If the installed Ubuntu system when choosing a home directory encryption, the vulnerability to by a local user to trigger. If you want to know the exploit code and a short bit of the vulnerability report, please visit...

CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

DEBIAN-CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

Design/Logic Flaw

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

CVE-2016-1583

CVE-2016-1583 affects the Linux kernel: ecryptfs_privileged_open (fs/ecryptfs/kthread.c) allows a local attacker to gain privileges or cause a denial of service via crafted mmap calls for /proc pathnames, triggering recursive pagefault handling. Affects kernels prior to 4.6.3; patch released in 4...

CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)

The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils wa...

Linux - ecryptfs and /proc/$pid/environ Privilege Escalation

Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=836 Stacking filesystems, including ecryptfs, protect themselves against deep nesting, which would lead to kernel stack overflow, by tracking the recursion depth of filesystems...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1596-1)

The SUSE Linux Enterprise 12 GA kernel was updated to fix one security issue. The following security bug was fixed : - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and...

SUSE: Security Advisory for kernel (SUSE-SU-2016:1596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3007-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...