Showing 26 - 28 of 28

Files Date: 2015-02-26 to 2015-02-27

Ubuntu Security Notice USN-2515-1: Posted Feb 26, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2515-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2014-8133, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9683, CVE-2015-0239; SHA-256 | 689a6f122c96b236c5a992bb616f2e866816f6de37648ac2056305f5cc906c16; Download | Favorite | View

Ubuntu Security Notice USN-2513-1: Posted Feb 26, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2513-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.; tags | advisory, denial of service, kernel, local, cryptography; systems | linux, ubuntu; advisories | CVE-2013-7421, CVE-2014-7970, CVE-2014-8160, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2015-0239; SHA-256 | 090333da818d9efe2d99255c25d3ee5e595c7a4b7ba306896878f852a2267c18; Download | Favorite | View

Ubuntu Security Notice USN-2514-1: Posted Feb 26, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2514-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.; tags | advisory, denial of service, kernel, local, cryptography; systems | linux, ubuntu; advisories | CVE-2013-7421, CVE-2014-7970, CVE-2014-8160, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2015-0239; SHA-256 | 9b92eb86fe4e0614b2c520cbcd7e8f4527aa2adb4f11b3bf6462b6609606805f; Download | Favorite | View

Page 2 of 2 Back 1 2 Next

Top Authors In Last 30 Days