135 matches found
Important: kernel
Issue Overview: An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory...
CVE-2020-10768
A flaw was found in the prctl function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to...
UBUNTU-CVE-2020-10768
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threa...
CVE-2020-10768
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threa...
Android kernel/sys.c elevation of privilege vulnerability
Android is a mobile phone operating system based on the open-source Linux kernel. A security vulnerability exists in the implementation of the prctl_set_vma_anon_name function within kernel/sys.c in versions of Android prior to 5.1.1 LMY49F, and 6.0 prior to 2016-01-01, which does not ensure that only one vma...
CVE-2014-3690
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service system disruption by...
CVE-2014-3690
CVE-2014-3690 affects arch/x86/kvm/vmx.c in the Linux kernel’s KVM subsystem on Intel, where the CR4 control register value may not be preserved across VM entries. The vendor-provided details in connected Nessus advisories describe a local attacker with access to /dev/kvm who can kill arbitrary p...
openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1228-1)
DBUS-1 was upgraded to upstream release 1.8. This brings the version of dbus to the latest stable release from an unstable snapshot 1.7.4 that is known to have several regressions - Upstream changes since 1.7.4 : + Security fixes : - Do not accept an extra fd in the padding of a cmsg message, whic...
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit
No description provided by source. Local r00t Exploit for: Linux Kernel PRCTL Core Dump Handling / BID 18874 / CVE-2006-2451 / Kernel 2.6.x = 2.6.13 && 2.6.17.4 / By: dreyer (main PoC code), RoMaNSoFt (local root code) / 10.Jul.2006...
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)
No description provided by source. $Id: raptor_prctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptor_prctl.c - Linux 2.6.x suid_dumpable vulnerability. Copyright (c) 2006 Marco Ivaldi. The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16...
Linux Kernel 2.6.13 <= 2.6.17.4 - prctl() Local Root Exploit (logrotate)
No description provided by source. $Id: raptor_prctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ raptor_prctl2.c - Linux 2.6.x suid_dumpable2 logrotate. Copyright (c) 2006 Marco Ivaldi. The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 befo...
[oss-security] Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS
According to the manual page, after calling it with 1 as a second argument, any consecutive system calls other than read, write, exit and sigreturn should result in the delivery of SIGKILL. However, under MIPS any consecutive system call behaves as if...
[oss-security] Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS
On Sun., 2014-06-15 at 19:31 +0100, Ben Hutchings wrote: Please can you assign a CVE ID to this bug? Hi Ben, we usually don't assign CVE from our pool for public issues, and I'm especially reluctant here as I don't know if someone else aware of this issue could have assigned one. So I'm asking on...
Overflow vulnerabilities: Linux, summary of the overflow vulnerabilities corresponding to each version (overflow code)
2.4.17 local kmod 2.4.18 brk brk2 local kmod km. 2 2.4.19 brk brk2 local kmod km. 2 2.4.20 ptrace kmod ptrace-kmod km. 2 brk brk2 2.4.21 km. 2 brk brk2 ptrace ptrace-kmod 2.4.22 km. 2 brk2 brk ptrace ptrace-kmod 2.4.22-1 0 loginx ./ loginx 2.4.23 mremappte 2.4.24 mremappte Uselib24 2.4.25-1...
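Linux Kernel "prctl" Privilege Escalation Vulnerability
Secunia Advisory: SA20953. A vulnerability has been reported in the Linux kernel, which can be exploited by malicious local users to bypass certain security restrictions or potentially gain escalated privileges. The vulnerability is caused by improper handling when memory contents are updated. It can be exploited to dump core files into normally restricted directories or potentially gain root privileges. Linux Kernel 2.6.x: upgrade to version 2.6.17.4. http://www.kernel.org/...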
security flaw
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root...
CVE-2006-3626
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root...
Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate)
Exploit for linux platform in category local exploits. Linux Kernel 2.6.13. The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of...
Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl() Local Privilege Escalation
Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl Local Privilege Escalation. $Id: raptor_prctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ raptor_prctl2.c - Linux 2.6.x suid_dumpable2 logrotate. Copyright (c) 2006 Marco Ivaldi. The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4,...
prctl.sh.txt
!/bin/sh PRCTL local root exp By: Sunix + effected systems 2.6.13 /tmp/getsuid.c include include include include include include include char payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f...