1072 matches found
USN-3208-1: Linux kernel vulnerabilities
It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3208-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3208-1 advisory. It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacke...
Debian DLA-772-1 : linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2012-6704, CVE-2016-9793 Eric Dumazet found that a local user with CAPNETADMIN capability could set a socket's buffer size to be negative, leading ...
Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation Exploit
Linux AFPACKET race condition exploit for Ubuntu 16.04 x8664. / chocoboroot.c linux AFPACKET race condition exploit exploit for Ubuntu 16.04 x8664 vroom vroom ============================== email protected:$ uname -a Linux ubuntu 4.4.0-51-generic 72-Ubuntu SMP Thu Nov 24 18:29:54 UTC 2016 x8664...
Linux BPF Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Linux BPF Local Privilege Escalation', 'Description' = %q Linux kernel =4.4 with CONFIGBPFSYSCALL and...
DSA-3659-1 linux - security update
Bulletin has no description...
TCP Flaw in Linux Extends to 80 Percent of Android Devices
Eight out of 10 Android devices are affected by a critical Linux vulnerability disclosed last week that allows attackers to identify hosts communicating over the Transmission Control Protocol TCP and either terminate connections or attack traffic. The flaw has been present in the TCP implementati...
CVE-2016-6213
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service memory consumption and deadlock via MSBIND mount system calls, as demonstrated by a loop that triggers exponential growth in the...
MGASA-2015-0172 Updated kernel-linus package fixes security vulnerabilities
This kernel-linus update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with acce...
CVE-2015-2042
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
DEBIAN-CVE-2015-2042
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2042
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
DEBIAN-CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
Code injection
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
Code injection
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2041
CVE-2015-2041 affects Unity Linux kernels (20.1050e/20.1060e/20.1070e) where the Linux kernel before 3.19 contains an error in net/llc/sysctl_net_llc.c using an incorrect data type in a sysctl table. This local information-disclosure flaw allows an unprivileged local user to read potentially sens...
CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...