CVE-2014-3687

The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...

RHEL 6 : kernel (RHSA-2014:1365)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

RHEL 6 : kernel (RHSA-2013:0662)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

Minix 3.3.0 - Local Denial of Service (PoC)

Exploit Title: MINIX 3.3.0 Local Denial of Service Exploit Author: nitr0us Vendor Homepage: www.minix3.org Software Link: http://www.minix3.org/download/index.html Version: 3.3.0 Tested on: MINIX 3.3.0 x86 Attached three PoCs malformed ELFs and a screenshot of the panic...

MINIX 3.3.0 Local Denial of Service PoC

Exploit for linux platform in category dos / poc Exploit Title: MINIX 3.3.0 Local Denial of Service Exploit Author: nitr0us Vendor Homepage: www.minix3.org Software Link: http://www.minix3.org/download/index.html Version: 3.3.0 Tested on: MINIX 3.3.0 x86 Attached three PoCs malformed ELFs and a...

Ubuntu: Security Advisory (USN-2395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2394-1)

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

Debian: Security Advisory (DSA-3060-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenBSD <= 5.5 Local Kernel Panic

OpenBSD = 5.5 All architectures is prone to a local DoS condition by triggering a kernel panic through a malformed ELF executable. A patch has been released to address this issue. See "013 Reliability Fix" at: http://www.openbsd.org/errata55.html013kernexec More details and PoC code:...

OpenBSD 5.5 - Local Kernel Panic (Denial of Service)

OpenBSD 5.5 - Local Kernel Panic Denial of Service / tenochtitlan.c OpenBSD include include include include include include include include ifndef OpenBSD error "Not an OpenBSD system !!!1111"; else include endif ifndef i386 error "Not an i386 system !!!1111"; endif // In Aztec mythology,...

OpenBSD 5.5 - Local Kernel Panic (Denial of Service)

/ tenochtitlan.c OpenBSD include include include include include include include include ifndef OpenBSD error "Not an OpenBSD system !!!1111"; else include endif ifndef i386 error "Not an i386 system !!!1111"; endif // In Aztec mythology, Huitzilopochtli, was a god of war, a sun god, // the patro...

OpenBSD 5.5 Local Kernel Panic Exploit

OpenBSD versions 5.5 and below local kernel panic proof of concept exploit for i386...

SuSE 11.3 Security Update : Xen (SAT Patch Number 9828)

The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to fix various bugs and security issues. The following security issues have been fixed : - XSA-108: CVE-2014-7188: Improper MSR range used for x2APIC emulation. bnc897657 - XSA-106: CVE-2014-7156: Missing privilege level checks i...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

CVE-2014-7283

The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2376-1)

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2379-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2379-1 advisory. Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw...

openSUSE Security Update : xen (openSUSE-SU-2014:1279-1)

XEN was updated to fix various bugs and security issues. Security issues fixed : - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 -...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Buffer overflow

Buffer overflow in net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service memory corruption and panic or possibly have unspecified other impact via a long unencrypted auth ticket...