18 matches found
Double free
A double free bug in packetsetring in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755...
CVE-2021-22600
CVE-2021-22600 is a local kernel vulnerability in the Linux packet migration path. A double-free in packet_set_ring() within net/packet/af_packet.c can be exploited by a local user via crafted syscalls, enabling either denial of service or privilege escalation. Connected sources confirm the under...
CVE-2021-22600
A double free bug in packetsetring in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 Recent assessments:...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege
A flaw was found in the Linux kernel. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2019-20812
An issue was discovered in the Linux kernel before 5.4.7. The prbcalcretireblktmo function in net/packet/afpacket.c can result in a denial of service CPU consumption and soft lockup in a certain failure case involving TPACKETV3, aka CID-b43d1f9f7067...
AF_PACKET packet_set_ring Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET packetsetring Privilege Escalation', 'Description' = %q This module exploits a heap-out-of-bounds write in the packetsetring function in...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0562-1)
This update for the Linux Kernel 3.12.61-52119 fixes several issues. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0233-1)
This update for the Linux Kernel 3.12.61-52111 fixes one issue. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, because of...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3315-1)
This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3307-1)
This update for the Linux Kernel 3.12.61-52101 fixes several issues. The following security issues were fixed : - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3124-1) (KRACK)
This update for the Linux Kernel 3.12.67-606421 fixes several issues. The following security issues were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures,...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-1224) (KRACK)
The openSUSE Leap 42.2 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...
UCloud-201612-002: Linux kernel through kill to mention the right vulnerability Security Alert-vulnerability warning-the black bar safety net
Dear UCloud users: The Linux kernel is proof of the presence of conditions of competition of high-risk vulnerabilities, exploit the vulnerability from low rights processes executing kernel code, harm the serious. Please check you are using the kernel is in the affected range, and timely upgrades...
[slackware-security] kernel
New kernel packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.38/: Upgraded. This kernel fixes a security issue with a race condition in net/packet/afpacket.c that can be exploited to...
Race condition
Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by leveraging the CAPNETRAW capability to change a socket version, related to the packetsetring and packetsetsockopt functions...
Information disclosure
The packetrecvmsg function in net/packet/afpacket.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or...