what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2021-3679

Status Candidate

Overview

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Related Files

Ubuntu Security Notice USN-5299-1
Posted Feb 22, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5299-1 - Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26147, CVE-2021-28972, CVE-2021-33034, CVE-2021-34693, CVE-2021-3483, CVE-2021-3564, CVE-2021-3612, CVE-2021-3679, CVE-2021-38204, CVE-2021-42008, CVE-2021-45485
SHA-256 | d8a0dffe787d4a58d1bd2849d246c1906fbde64a802ac79bc4262f763d9501ef
ETS5 Password Recovery Tool
Posted Dec 8, 2021
Authored by Robert Guetzkow | Site github.com

ETS Password Recovery Tool allows you to recover passwords for an ETS5 project. This is due to a significant design flaw as ETS5 uses a hard-coded password and salt to encrypt the project information.

tags | exploit, tool
advisories | CVE-2021-36799
SHA-256 | 0048a6e24d48b891df1f28e478108b0b90ea12cdd365263f7c2eb9e5b2dbed3f
Ubuntu Security Notice USN-5115-1
Posted Oct 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5115-1 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38166, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008
SHA-256 | 123e5f4aa3de879d935abfb080a9134445af106fa262a01d71265623b346525a
Ubuntu Security Notice USN-5092-3
Posted Oct 19, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-3 - USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | 2f8462834b9c412b2c94caea0415569d6a8d0a25ce4c553b1643bb9766389a30
Ubuntu Security Notice USN-5091-3
Posted Oct 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-3 - USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 24c408984ea4c4c10e651302744cddabd5b13c5cce9576cf919599003f060a83
Ubuntu Security Notice USN-5094-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-2 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-38204, CVE-2021-38205
SHA-256 | d31622e283cd38f8cb186bd7afe5560894a41bd02dd928f9715cafc78b2e7e09
Ubuntu Security Notice USN-5091-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-2 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 8a8a2e75ddbcda95809cae2b0daa43ffa458f1fb2f6eba2572ac767c9100c9b1
Ubuntu Security Notice USN-5096-1
Posted Sep 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5096-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-34556, CVE-2021-35477, CVE-2021-3612, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-38160, CVE-2021-38166, CVE-2021-38199, CVE-2021-38201, CVE-2021-38202, CVE-2021-38203, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-41073
SHA-256 | 98f615f379d8346abea7dc65ffd543f999a46dbda2ec8a72bcaac4dbaea40126
Ubuntu Security Notice USN-5092-2
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-2 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | fe6e6f7b890fe9c454e6d8b6981a93e9900e3e12cc8de38080233a23b6f9f395
Ubuntu Security Notice USN-5094-1
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-1 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-37576, CVE-2021-38204, CVE-2021-38205
SHA-256 | 61410dbe4257dd87ae714e3f86a082bb3acae0802b9d7ce2e4fc034d086c4838
Debian Security Advisory 4978-1
Posted Sep 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4978-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-16119, CVE-2020-3702, CVE-2021-3653, CVE-2021-3656, CVE-2021-3679, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-37576, CVE-2021-38160, CVE-2021-38166, CVE-2021-38199, CVE-2021-40490
SHA-256 | 58e6e00aeccd2d98b5f0fbd9438d9ad7fea0354cd2d4fc6a894c0d2ecc5f5d7f
Ubuntu Security Notice USN-5092-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | ebcf129926760acf6a8d3e98fe23c9b1ac0c8a4d82db537ed58774cee102bccf
Ubuntu Security Notice USN-5091-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-1 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | e091ef36b1fd7e00cec219aaafc4dbf41a9c32a20d118dea6371229fe281294a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close