HP Security Bulletin HPSBMU03612 1 - Multiple potential security vulnerabilities have been identified with HPE Insight Control (IC) on Windows which could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Cross-site scripting (XSS), Execution of Arbitrary code, Disclosure of Sensitive Information,Remote Code Execution and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
55b881f2a237e07f9560dcebcf5f78996c72fe03931da60fb9afbd2da087871dHP Security Bulletin HPSBMU03591 1 - Several potential security vulnerabilities have been identified in HPE Server Migration Pack (SMP) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
958138fc11dd9e53ea6b98de78d16ced9c354a2c2997cb0b10965023053cabb7HP Security Bulletin HPSBHF03436 1 - A potential security vulnerability has been identified with certain HP Thin Clients running ThinPro OS. The vulnerability could be exploited exploited locally resulting in elevated privileges. Revision 1 of this advisory.
5695aa787fe5e82c2be6c82f544299746f5ce21e3320dcdf97f877efbdd9c76fRed Hat Security Advisory 2016-0103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #DB is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
9927db3d6722b1df950202392e8bc511c9d1a2eb779e99e2d270206e4e63aa86Red Hat Security Advisory 2016-0068-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
a07b4108920a1a2338a16ff91d6e7e04a130bd0cf8a5cba9c45831962774c097Red Hat Security Advisory 2016-0065-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
e06a6f3cf7b7997f1003f2eab8522a00f4a3ea8980f9362438c772dbe0e2962bRed Hat Security Advisory 2016-0064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
55a4411f3400ee4bc51ac2c4135b411e4643233cf8671e676fb7682df32dd5feLinux kernel REFCOUNT overflow / use-after-free in keyrings exploit.
6accf132dc4160f346048e277203e24deea0687a873e81ce785f196eeab60952Ubuntu Security Notice 2870-2 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
3610ef605000c04f677c3c4ac488ad8a75ddc8a7baff5d9152f54fa50319c7adDebian Linux Security Advisory 3448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service.
92d9dc5f46cce8160c917d742228cd00883eb1fbd5f64a996d9195961e057ce9Ubuntu Security Notice 2872-3 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
9b6da8e055e2f01caa06a1153d87be5e9162f671ab52a39caf3ef14ebea7802eUbuntu Security Notice 2872-2 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
805d25d03d4d7a875b7f40ab35f3536b5029d72d4aec9d716b6f493b1a27d92eUbuntu Security Notice 2871-2 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
eca19f277cd38c12794d7899d8c2cc0f11d038ce2b5f8d8d9a19c24229e1f067Ubuntu Security Notice 2873-1 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
61fe9ea0746f597322c3dbefd9178d76b7bf0a86078da7eca28158d2599f1a09Ubuntu Security Notice 2872-1 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
17258ba5d0faed5f886e581eac04ac3d1833b2d1a31b5cb0b247284c20b1da67Ubuntu Security Notice 2871-1 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
501ed51a6721237df848ea649c0e18ce7f231c00cd6ce10e71e27e1032f404dcUbuntu Security Notice 2870-1 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
7437ce6f5bb6fc7b2fdbe2230a7541a45a47a73c0a56ee24515c9445c29dc3e8Linux kernel versions 4.4.1 and below REFCOUNT overflow / use-after free keyrings local root exploit.
ff28a80090cf606fd0d4f578152d8d24cafca71bf951cb58596dc39c575c5aae
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed