exploit the possibilities
Showing 1 - 10 of 10 RSS Feed

CVE-2013-2141

Status Candidate

Overview

The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.

Related Files

Red Hat Security Advisory 2013-1801-01
Posted Dec 14, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's Local Advanced Programmable Interrupt Controller implementation. A privileged guest user could use this flaw to crash the host.

tags | advisory, denial of service, kernel, local, udp, tcp, protocol
systems | linux, redhat
advisories | CVE-2013-2141, CVE-2013-4470, CVE-2013-6367, CVE-2013-6368
MD5 | 1af132fdcf7c424f280c901b55f82dec
Debian Security Advisory 2766-1
Posted Sep 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2766-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-2141, CVE-2013-2164, CVE-2013-2206, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2239, CVE-2013-2851, CVE-2013-2852, CVE-2013-2888, CVE-2013-2892
MD5 | 24180ab9a5fa022aa5001bc9779ccf9b
Red Hat Security Advisory 2013-1292-01
Posted Sep 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp, protocol
systems | linux, redhat
advisories | CVE-2012-3511, CVE-2013-2141, CVE-2013-4162
MD5 | 431af5caa713d02a87c8868f96420d36
Red Hat Security Advisory 2013-1264-01
Posted Sep 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2013-2058, CVE-2013-2141, CVE-2013-2146, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301, CVE-2013-4162, CVE-2013-4163
MD5 | 5eea9d3ce982c34da176b92519e344f2
Ubuntu Security Notice USN-1900-1
Posted Jul 5, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1900-1 - Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. A format string vulnerability was discovered in Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4508, CVE-2013-2141, CVE-2013-2852, CVE-2012-4508, CVE-2013-2141, CVE-2013-2852
MD5 | 4248cdb5374d0b8f58403ee24c28487d
Ubuntu Security Notice USN-1899-1
Posted Jul 5, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1899-1 - Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. A format string vulnerability was discovered in Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4508, CVE-2013-2141, CVE-2013-2852, CVE-2012-4508, CVE-2013-2141, CVE-2013-2852
MD5 | 0dc268d390c5d5febe9f6a8aff3807bc
Mandriva Linux Security Advisory 2013-176
Posted Jun 24, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-176 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2012-5532, CVE-2012-6548, CVE-2012-6549, CVE-2013-0216, CVE-2013-0217, CVE-2013-0228, CVE-2013-0290, CVE-2013-0311, CVE-2013-0914, CVE-2013-1763, CVE-2013-1767, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-1929, CVE-2013-1979, CVE-2013-2094, CVE-2013-2141, CVE-2013-2146, CVE-2013-2546, CVE-2013-2547, CVE-2013-2548, CVE-2013-2596, CVE-2013-2634, CVE-2013-2635
MD5 | 72b5903a6234e4593ad51c196b8ea2fd
Ubuntu Security Notice USN-1882-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1882-1 - Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2850, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-2850, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227
MD5 | 7c792dfc092a7b89310f088463bdcd3d
Ubuntu Security Notice USN-1881-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1881-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229
MD5 | 5f744916b5072d10faf4526a075c5c9d
Ubuntu Security Notice USN-1880-1
Posted Jun 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1880-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3232, CVE-2013-3233, CVE-2013-3234, CVE-2013-3235, CVE-2013-0160, CVE-2013-2141, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227, CVE-2013-3228, CVE-2013-3229
MD5 | 09566fa6410aa4e527449a7655e109e9
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close