MiracleLinux 4 : kernel-2.6.32-696.16.1.el6 (AXSA:2017-2479:08)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2479:08 advisory. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking...

kernel: net/packet: slab-out-of-bounds access in packet_recvmsg()

An out-of-bounds access issue was found in the Linux kernel networking subsystem in the way raw packet sockets AFPACKET used PACKETCOPYTHRESH and mmap operations. A local attacker with CAPNETRAW capability could use this flaw to trigger a buffer overflow resulting in a system crash or privilege...

Privilege Escalation

Linux kernel is vulnerable to privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket requires the...

Use-After-Free

Linux kernel is vulnerable to privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKETV3 ring buffer. A local user able to op...

kernel: Heap out-of-bounds read in AF_PACKET sockets

A race condition issue was found in the way the raw packet socket implementation in the Linux kernel networking subsystem handled synchronization. A local user able to open a raw packet socket requires the CAPNETRAW capability could use this to waste resources in the kernel's ring buffer or...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel: Heap out-of-bounds read in AF_PACKET sockets

A race condition issue was found in the way the raw packet socket implementation in the Linux kernel networking subsystem handled synchronization. A local user able to open a raw packet socket requires the CAPNETRAW capability could use this to waste resources in the kernel's ring buffer or...

Virtuozzo 7 : readykernel-patch (VZA-2017-072)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented ...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:0386 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

kernel: Race condition in packet_set_ring leads to use after free

A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKETV3 ring buffer. A local user able to open a raw packet socket requires the CAPNETRAW...

Updated kernel-tmb packages fix security vulnerabilities

This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows...