Debian Linux Security Advisory 2906-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
336839d986f877d0c9633d42e6961fa76ae807751676c40199ee1f7de18091c3Red Hat Security Advisory 2013-1520-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces; this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. An information leak flaw was found in the way the Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible.
7008a13256f2ff111c9742864c6951d05dc88eb72924ebacdbb0c1381a4ed58aRed Hat Security Advisory 2013-1436-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. An information leak flaw was found in the way Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible.
303872e8ff5bca61e067a12a40cd346fa1185e503c1cbaaf1dfc656936a4a6a4Red Hat Security Advisory 2013-1292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service.
bb34fbaf34b1e2d0617595612c429058d891776d85b070142cca272b51e1610aMandriva Linux Security Advisory 2013-242 - Multiple vulnerabilities has been found and corrected in the Linux kernel. Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service via a crafted device that provides an invalid Report ID. drivers/hid/hid-zpff.c in the Human Interface Device subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service via a crafted device. drivers/hid/hid-pl.c in the Human Interface Device subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service via a crafted device. Various other issues were also addressed. The updated packages provides a solution for these security issues.
293756ed7837559d6b59c73b10281e441cc79100240203c0f546001f31ee5c5fRed Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.
9a5ec9f9c7d4781ea08fab5e5ddb59d96541a57787d7f358e43fe24a1469e30cUbuntu Security Notice 1947-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.
19b6c149ebe3b2088d52c98d0772c8e2b25e649872dce2eb412f23aeeb5cf8eeUbuntu Security Notice 1946-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.
dd974f010bbff440313942f7c9ba339449ecb01b534d8f4e20722e8282e34496Ubuntu Security Notice 1945-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.
ad55b1cde311e93b165a194fa06c48b83dae5ca0f254120b3f02686b4b5c4ad0Ubuntu Security Notice 1944-1 - A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. Various other issues were also addressed.
554901691a20482f825e28f1547beee044c4f79424f652805a6a705b37f9c767Ubuntu Security Notice 1943-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk. Various other issues were also addressed.
f8bf7e00d636ea267827b60fa9176f568afd88b241794cfe80bd74e8fa05b71bUbuntu Security Notice 1942-1 - Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service (system crash). Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. Various other issues were also addressed.
663792b692690dc74ab6966fa33d32c2ea17678527fd462774dbc61a68eda2c2Ubuntu Security Notice 1941-1 - Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service (system crash). Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. Various other issues were also addressed.
4feeacb550bdc2b887356a4b6e0ce71d9c8ffafbf05fb28b48330d1b5dbff3b5Ubuntu Security Notice 1940-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.
8c59646e4e53fb3534c048dfb45e7c1eed97a9ec7d2f86a5573f81bea49edf56Ubuntu Security Notice 1939-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.
3996695f9dff779a55c98d2edff73eb7307289b64e122923d7ce9b80cf0acc6dUbuntu Security Notice 1938-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local could exploit this flaw to run commands as root when using the perf tool. A flaw was discovered in the Xen subsystem of the Linux kernel when it provides a guest OS read-only access to disks that support TRIM or SCSI UNMAP. A privileged user in the guest OS could exploit this flaw to destroy data on the disk. Various other issues were also addressed.
afe36f13a2eaef4039f3038361af8af976969799076e1bf1d46016a9a0a92664Debian Linux Security Advisory 2745-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
3eec460e99a9f554b7bc89f94799ac98b40ec17e5325c416c1ece8a5c548e48f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed