Red Hat Security Advisory 2014-0771-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. Various other issues were also addressed.
045975b06f49ae62face7f508bfd20413516dac60cbe25c8914c866298aa5808Ubuntu Security Notice 2114-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.
3dd96bdcecedff36b66200fc61b8191fc4d74d8115ff7d0cdf1cdd21795ceabfUbuntu Security Notice 2116-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.
8aca15b11b05d09a1958325ba980f416a42c0236a468d96df6801c4520732d03Ubuntu Security Notice 2115-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.
1a42767751d96e7993524072d8c9e8663893074694d888e64e1cdd957c5fca55Ubuntu Security Notice 2112-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's perf event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.
6827121f197453ed37d115134dc43ec9451a9e885282143ee7b96c22caae473bUbuntu Security Notice 2111-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.
50735c3f85d8c85b72686bd54e07f574b066e940674b02c2771539fdec2e54f8Red Hat Security Advisory 2014-0100-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. A flaw was found in the way the perf_trace_event_perm() function in the Linux kernel checked permissions for the function tracer functionality. An unprivileged local user could use this flaw to enable function tracing and cause a denial of service on the system.
727398f9fbb6e96f7d037aef65ed857962d0af32a4a9cdc6be996dd37bd672bcUbuntu Security Notice 2075-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.
36e9f98726ff3916e206a9b84d5b8c8816cb7f08e016c1754ed8f67fe870c45dUbuntu Security Notice 2070-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.
1f5a40a0caee47f048366ec9a46fede7e05d0e0f8905e9ccb5b8744e93164d0eUbuntu Security Notice 2064-1 - Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit this flaw to gain additional administrative privileges. Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). Various other issues were also addressed.
9c3e9f2c814827e600fc7be7c08689fe9beec31c0d63eab9f40e273c13117877Ubuntu Security Notice 2067-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
f026924acc26aeec8f7f134fa6517d8629dc2787dfd6d43f822b523543fcffd0Ubuntu Security Notice 2065-1 - Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit this flaw to gain additional administrative privileges. Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). Various other issues were also addressed.
ecca3dd977f3d14556b742142ec1bf4b04f66942d3f07a54444555a172a48973Ubuntu Security Notice 2066-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
8c36dcc617fba5e580a95c0a946cd2ed38307f4107c63ecd9381c14a771a9437Mandriva Linux Security Advisory 2013-291 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the au1100fb_fb_mmap function in drivers/video/au1100fb.c and the au1200fb_fb_mmap function in drivers/video/au1200fb.c. Various other issues have also been addressed.
e4a9556722b4bee5720cc309bc992b81c4ac568a9f675f7f404694d9b54048e1Mandriva Linux Security Advisory 2013-291 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Various other issues have also been addressed.
e4a9556722b4bee5720cc309bc992b81c4ac568a9f675f7f404694d9b54048e1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed