Lucene search

1883 matches found

RedHat Linux
added 2015/03/18 12:11 p.m. | 3 views

jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

CVSS 7.5 | AI score 7.5 | EPSS 0.18404
Exploits 0 | References 5

OSV
added 2015/03/12 2:59 p.m. | 1 views

DEBIAN-CVE-2015-2151

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors...

CVSS 7.2 | AI score 8.8 | EPSS 0.0057
Exploits 0 | References 1

OSV
added 2015/03/12 2:59 p.m. | 1 views

UBUNTU-CVE-2015-2151

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors...

CVSS 7.2 | AI score 7.2 | EPSS 0.0057
Exploits 0 | References 3

0day.today
added 2015/03/05 12:0 a.m. | 109 views

Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC

Exploit for linux platform in category dos / poc / cve-2014-9322poc.c arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment ...

CVSS 7.2 | AI score 8.1 | EPSS 0.01504
Exploits 8

exploitpack
added 2015/03/04 12:0 a.m. | 77 views

Linux Kernel 3.17.5 - IRET Instruction #SS Fault Handling Crash (PoC)

Linux Kernel 3.17.5 - IRET Instruction SS Fault Handling Crash PoC / cve-2014-9322poc.c arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with...

CVSS 7.2 | EPSS 0.01504
Exploits 8

OSV
added 2015/03/02 11:59 a.m. | 1 views

DEBIAN-CVE-2015-0239

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a...

CVSS 4.4 | AI score 7.8 | EPSS 0.00643
Exploits 1 | References 1

Mageia
added 2015/02/19 2:43 p.m. | 59 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream -longterm 3.14.32 and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a...

CVSS 7.8 | AI score 7.5 | EPSS 0.05361
Exploits 15 | References 10

Ubuntu
added 2015/02/04 1:16 a.m. | 72 views

USN-2491-1: Linux kernel (EC2) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322) Lars Bull reported a race condition in the PIT...

CVSS 7.8 | AI score 6.4 | EPSS 0.01504
Exploits 9

NVD
added 2015/01/30 11:59 a.m. | 16 views

CVE-2014-8828

Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path...

CVSS 7.5 | AI score 5.9 | EPSS 0.01674
Exploits 0 | References 4

NVD
added 2015/01/30 11:59 a.m. | 14 views

CVE-2014-4495

The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app...

CVSS 10 | AI score 5.4 | EPSS 0.02939
Exploits 0 | References 7

myhack58
added 2015/01/14 12:0 a.m. | 20 views

ASUS router exposure remote command execution vulnerability-vulnerability warning-the black bar safety net

A serious vulnerability has been detected in ASUS router firmware that allows an unauthenticated attacker to remotely execute arbitrary commands on the router; it could affect all versions of the ASUS router firmware. Security researcher Joshua Drake in several ASUS router firmware...

AI score 0.7
Exploits 0

RedHat Linux
added 2014/12/22 7:13 p.m. | 2 views

kernel: x86: local privesc due to bad_iret and paranoid entry incompatibility

A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from an SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system...

CVSS 7.8 | AI score 6.6 | EPSS 0.01504
Exploits 8 | References 4

RedHat Linux
added 2014/12/22 7:13 p.m. | 0 views

kernel: x86: local privesc due to bad_iret and paranoid entry incompatibility

A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from an SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system...

CVSS 7.8 | AI score 6.6 | EPSS 0.01504
Exploits 8 | References 4

RedHat Linux
added 2014/12/22 7:1 p.m. | 798 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.8 | AI score 6.5 | EPSS 0.01504
Exploits 8 | References 2

RedHat Linux
added 2014/12/22 7:1 p.m. | 2 views

kernel: x86: local privesc due to bad_iret and paranoid entry incompatibility

A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from an SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system...

CVSS 7.8 | AI score 6.6 | EPSS 0.01504
Exploits 8 | References 4

RedHat Linux
added 2014/12/22 6:51 p.m. | 55 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...

CVSS 7.8 | AI score 6.5 | EPSS 0.01504
Exploits 8 | References 2

Tenable Nessus
added 2014/12/22 12:0 a.m. | 36 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) regression (USN-2447-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2447-2 advisory. USN-2447-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update...

AI score 5.6
Exploits 0 | References 1

Ubuntu
added 2014/12/19 12:49 p.m. | 108 views

USN-2447-2: Linux kernel (Utopic HWE) regression

USN-2447-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: An information leak in the Linux kernel was discover...

AI score 6.8
Exploits 0 | References 1

Ubuntu
added 2014/12/19 12:43 p.m. | 80 views

USN-2448-2: Linux kernel regression

USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: An information leak in the Linux kernel was discover...

AI score 6.8
Exploits 0 | References 1

RedHat Linux
added 2014/12/18 6:30 p.m. | 2 views

jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

CVSS 7.5 | AI score 7.2 | EPSS 0.18404
Exploits 0 | References 5