If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file descriptor. This is wrong: the fd is released via put_unused_fd(), which must not be used at that point because the fd table slot was already populated by the previous call to fd_install(). This leaves userland with a valid fd table entry pointing to a freed file object. The authors use this bug to overwrite a SUID binary with their payload and gain root. Linux kernel versions 4.14-rc1 through 5.17-rc1 are vulnerable. Successfully tested against Ubuntu 22.04.01 with kernel 5.13.12-051312-generic.
Red Hat Security Advisory 2022-1373-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-1324-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-1263-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, code execution, integer overflow, privilege escalation, and use-after-free vulnerabilities.
Ubuntu Security Notice 5362-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.
Red Hat Security Advisory 2022-1107-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-1103-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Debian Linux Security Advisory 5092-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Red Hat Security Advisory 2022-0958-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0925-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0841-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0849-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0851-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0821-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0823-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0820-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0825-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, double free, memory leak, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0819-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0771-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0772-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0777-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, double free, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0620-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0622-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include double free, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-0592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 5298-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. J