Lucene search
K

18 matches found

Prion
Prion
added 2022/01/26 2:15 p.m.39 views

Double free

A double free bug in packetsetring in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755...

7.2CVSS7AI score0.05918EPSS
Exploits2References4Affected Software2
CVE
CVE
added 2022/01/26 12:0 a.m.1187 views

CVE-2021-22600

CVE-2021-22600 is a local kernel vulnerability in the Linux packet migration path. A double-free in packet_set_ring() within net/packet/af_packet.c can be exploited by a local user via crafted syscalls, enabling either denial of service or privilege escalation. Connected sources confirm the under...

7.2CVSS6.8AI score0.05918EPSS
In wildExploits2References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/26 12:0 a.m.68 views

CVE-2021-22600

A double free bug in packetsetring in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 Recent assessments:...

7.2CVSS3.9AI score0.05918EPSS
In wildExploits2References5
RedHat Linux
RedHat Linux
added 2020/10/26 11:16 a.m.85 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.8CVSS6.7AI score0.01308EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2020/10/26 11:16 a.m.7 views

kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege

A flaw was found in the Linux kernel. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8CVSS7AI score0.01308EPSS
Exploits1References6
Cvelist
Cvelist
added 2020/06/03 2:43 a.m.31 views

CVE-2019-20812

An issue was discovered in the Linux kernel before 5.4.7. The prbcalcretireblktmo function in net/packet/afpacket.c can result in a denial of service CPU consumption and soft lockup in a certain failure case involving TPACKETV3, aka CID-b43d1f9f7067...

5.8AI score0.0044EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2018/05/17 12:0 a.m.202 views

AF_PACKET packet_set_ring Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET packetsetring Privilege Escalation', 'Description' = %q This module exploits a heap-out-of-bounds write in the packetsetring function in...

7.2CVSS0.6AI score0.17827EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.38 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0562-1)

This update for the Linux Kernel 3.12.61-52119 fixes several issues. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

7.8CVSS6.6AI score0.0097EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2018/01/29 12:0 a.m.31 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0233-1)

This update for the Linux Kernel 3.12.61-52111 fixes one issue. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, because of...

7.8CVSS6.5AI score0.0097EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2017/12/15 12:0 a.m.56 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3315-1)

This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issue was fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

7.8CVSS6.6AI score0.0097EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2017/12/15 12:0 a.m.29 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3307-1)

This update for the Linux Kernel 3.12.61-52101 fixes several issues. The following security issues were fixed : - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

7.8CVSS6.5AI score0.0215EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2017/11/30 12:0 a.m.37 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3124-1) (KRACK)

This update for the Linux Kernel 3.12.67-606421 fixes several issues. The following security issues were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures,...

7.8CVSS7.1AI score0.02285EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2017/10/30 12:0 a.m.260 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-1224) (KRACK)

The openSUSE Leap 42.2 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...

7.8CVSS7.4AI score0.02285EPSS
Exploits4References39
OPENSUSE Linux
OPENSUSE Linux
added 2017/10/25 3:7 p.m.544 views

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...

6.9CVSS8.4AI score0.02285EPSS
Exploits4References63
myhack58
myhack58
added 2016/12/15 12:0 a.m.60 views

UCloud-201612-002: Linux kernel through kill to mention the right vulnerability Security Alert-vulnerability warning-the black bar safety net

Dear UCloud users: The Linux kernel is proof of the presence of conditions of competition of high-risk vulnerabilities, exploit the vulnerability from low rights processes executing kernel code, harm the serious. Please check you are using the kernel is in the affected range, and timely upgrades...

7.2CVSS0.6AI score0.11127EPSS
Exploits16
Slackware Linux
Slackware Linux
added 2016/12/12 11:10 p.m.59 views

[slackware-security] kernel

New kernel packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.38/: Upgraded. This kernel fixes a security issue with a race condition in net/packet/afpacket.c that can be exploited to...

7.8CVSS8.2AI score0.11127EPSS
Exploits16
Prion
Prion
added 2016/12/08 8:59 a.m.28 views

Race condition

Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by leveraging the CAPNETRAW capability to change a socket version, related to the packetsetring and packetsetsockopt functions...

7.2CVSS7.1AI score0.11127EPSS
Exploits16References34Affected Software2
Prion
Prion
added 2014/01/06 4:55 p.m.25 views

Information disclosure

The packetrecvmsg function in net/packet/afpacket.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or...

4.9CVSS5.6AI score0.0048EPSS
Exploits0References20Affected Software1
Rows per page
Query Builder