Apple OS X Yosemite - 'flow_divert-heap-overflow' Kernel Panic

/ flowdivert-heap-overflow.c Brandon Azad CVE-2016-1827: Kernel heap overflow in the function flowdiverthandleappmapcreate on OS X and iOS. Exploitation requires root privileges. The vulnerability was patched in OS X El Capitan 10.11.5 and iOS 9.3.2. This proof-of-concept triggers a kernel panic ...

Code injection

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client SDC server unavailable until the next reboot...

CVE-2016-9868

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client SDC server unavailable until the next reboot...

CVE-2016-9868

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client SDC server unavailable until the next reboot...

Security update for xen (important)

This updates xen to version 4.4.406 to fix the following issues: - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...

Product update: Virtuozzo 7.0 Update 3

The new packages for Virtuozzo 7.0 introducing new features and bug fixes. Vulnerability id: PSBM-56838 Kernel panic when creating ploops on NVMe devices. Vulnerability id: PSBM-56668 HWIDs could not be obtained for SGI UV 1000 nodes. Vulnerability id: PSBM-56667 vzlicview could incorrectly detec...

CVE-2016-9031

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and...

CVE-2016-9031

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and...

CVE-2016-8733

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and...

Integer overflow

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and...

Integer overflow

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and...

CVE-2016-8733

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and...

CVE-2016-9031

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and...

CVE-2016-9031

Affected: Joyent SmartOS Hyprlofs IOCTL path. Vulnerability in HYPRLOFS_ADD_ENTRIES (32-bit/native path) where user-supplied length is cast from unsigned to signed, bypassing length checks and causing a large allocation, leading to NULL-page write and potential privilege escalation. Impact: kerne...

CVE-2016-8733

CVE-2016-8733 concerns Joyent SmartOS, specifically the Hyprlofs file system. The vulnerability resides in the Ioctl handling path for HYPRLOFS_ADD_ENTRIES when dealing with native/file-system data models. A user-supplied length (an unsigned integer) is cast to a signed int, bypassing an upper bo...

CVE-2016-8733

An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and...

PT-2016-7557 · Joyent · Smartos

Name of the Vulnerable Software and Affected Versions: Joyent SmartOS version 20161110T013148Z Description: An integer overflow issue exists in the Hyprlofs file system, specifically in the Ioctl system call with the command HYPRLOFS ADD ENTRIES when handling native file systems. This can be...

PT-2016-7624 · Joyent · Smartos

Name of the Vulnerable Software and Affected Versions: Joyent SmartOS version 20161110T013148Z Description: An integer overflow exists in the Hyprlofs file system, specifically in the Ioctl system call with the command HYPRLOFS ADD ENTRIES when handling 32-bit file systems. This can cause a kerne...

Joyent SmartOS Hyprlofs FS IOCTL Native File System Integer Overflow Privilege Escalation Vulnerability

Summary An exploitable integer overflow exists in the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel...

[ASA-201612-14] linux-zen: denial of service

Arch Linux Security Advisory ASA-201612-14 ========================================== Severity: High Date : 2016-12-12 CVE-ID : CVE-2016-9919 Package : linux-zen Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package linux-zen before...