Important: Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

hw: cpu: speculative execution bounds-check bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

Unbreakable Enterprise kernel security update

4.1.12-112.16.7 - mlx4: change the ICM table allocations to lowest needed size Daniel Jurgens Orabug: 27718305 - autofs: use dentry flags to block walks during expire Ian Kent Orabug: 26032471 Orabug: 27766149 - autofs races Al Viro Orabug: 27766149 Orabug: 27766149 - crypto: FIPS - allow tests t...

MGASA-2018-0187 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...

Linux Kernel 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits / Ubuntu 16.04.4 kernel priv esc all credits to @bleidl - vnik / // Tested on: // 4.4.0-116-generic 140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x8664 // if different kernel adjust CRED offset + check kernel stack size include include include...

Design/Logic Flaw

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

DEBIAN-CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

Important: kernel

Issue Overview: Out-of-bounds write via userland offsets in ebtentry struct in netfilter/ebtables.c: A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. CVE-2018-10...

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

UBUNTU-CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

hw: cpu: speculative execution bounds-check bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

Sudohulk - Try Privilege Escalation Changing Sudo Command

This tool change sudo command, hooking the execve syscall using ptrace, tested under bash and zsh supported architectures: x8664 x86 arm How use: $ make cc -Wall -Wextra -O2 -c -o bin/shremotedata.o src/shremotedata.c cc -Wall -Wextra -O2 -c -o bin/shstring.o src/shstring.c cc -Wall -Wextra -O2 -...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20180306)

Security Fixes : - Kernel: KVM: MMU potential stack buffer overrun during page walks CVE-2017-12188, Important - Kernel: KVM: debug exception via syscall emulation CVE-2017-7518, Moderate C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if...

Linux kernel denial of service vulnerability (CNVD-2018-06460)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'munlockpagevec' function in the mm/mlock.c file in Linux kernel versions prior to 4.11.4. A local attacker can exploit this...

Kernel: KVM: debug exception via syscall emulation

A flaw was found in the way the Linux KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges insi...