489 matches found
UBUNTU-CVE-2016-8655
Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by leveraging the CAPNETRAW capability to change a socket version, related to the packetsetring and packetsetsockopt functions...
PT-2016-2922 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8.12 Description: The issue exists due to insufficient checking of a resource's state when it can be shared, allowing a local attacker to potentially gain privileges or cause a denial of service use-after-free...
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Local Privilege Escalation
Linux Kernel 4.6.2 Ubuntu 16.04.1 - IP6TSOSETREPLACE Local Privilege Escalation Exploit Title: Linux kernel = 4.6.2 - Local Privileges Escalation via IP6TSOSETREPLACE compat setsockopt call Date: 2016.10.8 Exploit Author: Qian Zhang@MarvelTeam Qihoo 360 Version: Linux kernel = 4.6.2 Tested on:...
Linux kernel 4.6.2 - IP6T_SO_SET_REPLACE Privilege Escalation
Exploit for linux platform in category local exploits Exploit Title: Linux kernel = 4.6.2 - Local Privileges Escalation via IP6TSOSETREPLACE compat setsockopt call Date: 2016.10.8 Exploit Author: Qian email protected Qihoo 360 Version: Linux kernel = 4.6.2 Tested on: Ubuntu 16.04.1 LTS Linux...
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Local Privilege Escalation
Exploit Title: Linux kernel = 4.6.2 - Local Privileges Escalation via IP6TSOSETREPLACE compat setsockopt call Date: 2016.10.8 Exploit Author: Qian Zhang@MarvelTeam Qihoo 360 Version: Linux kernel = 4.6.2 Tested on: Ubuntu 16.04.1 LTS Linux 4.4.0-21-generic CVE: CVE-2016-4997...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2016:1847 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...
kernel: compat IPT_SO_SET_REPLACE setsockopt
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...
kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...
kernel: compat IPT_SO_SET_REPLACE setsockopt
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...
kernel: compat IPT_SO_SET_REPLACE setsockopt
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...
kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...
CVE-2016-3134
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service heap memory corruption via an IPTSOSETREPLACE setsockopt call...
Linux netfilter OOB root mention the right vulnerability analysis-vulnerability warning-the black bar safety net
Famous ExploitDatabase website www.exploit-db.com recently posted a netfilter module. the right to the POC, the author is Vitaly Nikolenko on. OOB it! Netfilter is! Meal a sense of curiosity, decision analysis, analysis of process and outcomes to share as follows. 0×0 extraordinaire mention the...
DEBIAN-CVE-2016-4998
The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...
Memory corruption
The compat IPTSOSETREPLACE and IP6TSOSETREPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service memory corruption by leveraging in-container root access to provide a crafted offset value that...
Linux kernel 'compat_setsockopt()' function arbitrary code execution vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the IPTSOSETREPLACE parameter in the 'compatsetsockopt' function of the Linux kernel. A local attacker could exploit this vulnerability to...
Linux kernel denial of service vulnerability (CNVD-2016-04388)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. A local attacker can exploit this vulnerability to cause a denial of service out-of-bounds memory access and system cras...
CVE-2016-4998
An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...
CVE-2016-4997
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...