Red Hat Security Advisory 2017-2801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
ba1c030ec21e814f6a1cd612c57efcdf9cf2e048e865ea5156413a3da7884c5fRed Hat Security Advisory 2017-2796-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
866324fca23747f69de4e8ef9551dad894b102df8aa49be3b5d059c922eb20ddRed Hat Security Advisory 2017-2793-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
c9fff4891a8921a1d680380df8587c02a6e20f76f5ee7eea18c9a1ddbd6e67beRed Hat Security Advisory 2017-2794-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
68ea50ab00f02a7b3ff4323f4ecd7472a907b5657bfbe53369a53538c4b95c33Red Hat Security Advisory 2017-2797-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
f02373e421ca9abcaa1761c1507fde90dcd1950ddf0498eae02ed610189b206fRed Hat Security Advisory 2017-2798-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
40f9f08efc1c1976c5e55dfb0092643a2f5f1f194edeff4cc6addf135da1cbddGentoo Linux Security Advisory 201709-27 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.0.8 are affected.
063099c971a240f228a2cccdc7a688d44d95300bcfd47b1fddd1ac9b8d180bddThis Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
e281f889a7a07b745c1b41488515c3f3c2cd6505cb30f5abdb08ebf86166cbf7Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
188d12c115cdf70acf53a8c6c015857d0f7f729f6e285cf3d06172bf9b1241d9Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
d8a9d0afd413fd3cff47b4b91f265b4ff434e1f1031486cfd195ab8aa5e4cf4dGentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.
90b31b9d9cea9f8cbe8007c69e4741b088a4bd68896e32121610f754014b02caRed Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
6e410605a90e5ae5dac226f1c1596223ce521c47926efe91a44e62dae507a90fHPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.
e9c0d18cf651d50a4dee299bf48dc290afb61e9ac7f068fd772a3553a46b4e76Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.
4e4363e0afff7c0a8c3e6b53d804a1172c36d104c17e2a3b7c6eebe8edf51451Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.
bfafe6c08335222f164c3154a1ec33d8b038b473faa28bc94fc7946a6d0e9bbaSoftware updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.
2a9df79c742962870c74939e16e4499331d3b9dcdf53b4c3fe83b8d82173b94eGentoo Linux Security Advisory 201709-25 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.100 are affected.
53805f9167f0c643f42e6afeb6fb2c162ec0afd65af2eb44aab53857b00d9850Gentoo Linux Security Advisory 201709-24 - Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected.
838c44591a418642b96ecdd7a7d93fbc404538ebd0b5118d3d43df16535dc7bfUbuntu Security Notice 3429-1 - Wang Junjie discovered that Libplist incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a crash or denial or service.
e978097067972b300931520c84fb8a640606b0f7cc6c7744c52e61cf5f0fea8dGentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.
715558f6adb4faa8fec7d45efdb67a8b78c48d5649546e1643df6920765b7bbcRed Hat Security Advisory 2017-2792-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 61.0.3163.100. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
1919d3e29966912af824db60c14cc0bb9de0ad18873d80f32ef317ade8ca8e41Gentoo Linux Security Advisory 201709-22 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, and IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.141 are affected.
277201977343e8ff9db604c8d0aa89235047a6c676dc1d8fc08485df7f6b2ebbGentoo Linux Security Advisory 201709-21 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary code. Versions less than 5.6.31:5.6 are affected.
d141275b179501f4e8a5e6b7a0eafc716393e9b83ec4859f38d82d4b37729b7cGentoo Linux Security Advisory 201709-20 - A vulnerability in Postfix may allow local users to gain root privileges. Versions less than 3.1.6 are affected.
b600c1a5f95a2227e066f6351a63b9daa56e68a6202706f7df5318020198cbc7Gentoo Linux Security Advisory 201709-19 - A vulnerability in Exim may allow local users to gain root privileges. Versions less than 4.89-r1 are affected.
e4e8753acd88314f65a96fcfa803a6925a200130dc25cc90535c49d136149011
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed