130 matches found
CVE-2016-7117
Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing...
CVE-2016-7117
Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing...
The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s memory.
A local user can access the kernel memory due to information leakage during the execution of system calls recvmmsg and recvmsg...
The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges
The compatsysrecvmmsg function in the net/compat.c file, with the configuration CONFIGX86X32, allows a malicious individual to increase their privileges through the system call recvmmsg...
PT-2016-7227 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue is related to a use-after-free vulnerability in the sys recvmmsg function, located in the net/socket.c file of the Linux kernel. This vulnerability can be exploited by remote attacke...
Linux 3.4+ - Arbitrary write with CONFIG_X86_X32
No description provided by source. / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as...
linux 3.4+ - Local Root (CONFIG_X86_X32=y)
No description provided by source. / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec is decremented once...
Linux 3.4+ recvmmsg x32 compat - Proof of Concept
No description provided by source. / PoC trigger for the linux 3.4+ recvmmsg x32 compat bug, based on the manpage https://code.google.com/p/chromium/issues/detail?id=338594 $ while true; do echo $RANDOM /dev/udp/127.0.0.1/1234; sleep 0.25; done / define GNUSOURCE include netinet/ip.h include...
Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, or 3 recvmsg system call, related to net/ipv4/ping.c,...
Ubuntu: Security Advisory (USN-2136-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.10 : linux vulnerabilities (USN-2138-1)
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
USN-2141-1: Linux kernel (OMAP4) vulnerabilities
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
Ubuntu Update for linux-ti-omap4 USN-2110-1
Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN21101.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-ti-omap4 USN-2110-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Ubuntu: Security Advisory (USN-2108-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2107-1)
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2109-1)
Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2108-1)
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...
Ubuntu 13.10 : linux vulnerabilities (USN-2117-1)
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...
USN-2108-1: Linux kernel (EC2) vulnerabilities
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...
USN-2107-1: Linux kernel vulnerabilities
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...