Red Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.
9a5ec9f9c7d4781ea08fab5e5ddb59d96541a57787d7f358e43fe24a1469e30cRed Hat Security Advisory 2013-1080-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service.
1f6ec7f2b1348b3f77f691853c0661c2b6d8c71c0c15a9154155add5bdc0cc30Red Hat Security Advisory 2013-1051-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service.
a8237bc5b0d4bf99427f678d7db474dc77cb9ba7060a71275ad8e94debf18eb2Mandriva Linux Security Advisory 2013-194 - Multiple vulnerabilities has been found and corrected in the Linux kernel. net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. Various other issues have also been addressed. The updated packages provides a solution for these security issues.
222e6a9b6c229fb8760fbf864b56dd9ad305b2f5b2210ae92ec97c2c2809405bUbuntu Security Notice 1839-1 - A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. Various other issues were also addressed.
86ed1e11ed9cf4931a18e84838efdd7f1f497b8d0f4b6080dd50c1bfa77d545dUbuntu Security Notice 1835-1 - A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. A flaw was discovered in the Linux kernel's ftrace subsystem interface. A local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.
538cf179b4264bbeab428807f8490f8849cdc99819a39590b205530445984644Ubuntu Security Notice 1836-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. Various other issues were also addressed.
42d076c106745f487957ef7b40c9f50928e736a03fc9cad6e39cf873660a840eUbuntu Security Notice 1834-1 - A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. A flaw was discovered in the Linux kernel's ftrace subsystem interface. A local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.
8e41d633140011cdf2b30daf96cf03e74a1fa2e124d4f2cea965b7093ae21e71Ubuntu Security Notice 1833-1 - Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. Various other issues were also addressed.
4d5293bf941b5722cc6d5edd9647abe268ec879cb11d85d2e92c470be2f80158Debian Linux Security Advisory 2669-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
bcfe3afbb4182656ff4cebf2d30b08f1bd994ad473bc4830c1ed33aa786d930e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed