Red Hat Security Advisory 2015-0284-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system.
965ec57c89dca6401eab1ad61522189aRed Hat Security Advisory 2014-1392-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.
ce5c011782e060871393e1f94bb4027dUbuntu Security Notice 2238-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. A flaw was discovered in the Linux kernel's IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash).
7b7d016620ec671246d7cd29be3cb9bdUbuntu Security Notice 2234-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP Fragmentation Offload (UFO) processing. A remote attacker could leverage this flaw to cause a denial of service (system crash). Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
6ac9c3cdc8b3de532e9e49afef61f5dfUbuntu Security Notice 2233-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP Fragmentation Offload (UFO) processing. A remote attacker could leverage this flaw to cause a denial of service (system crash). Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
51414a02cdb5a314c7157dc3e001e2a5Ubuntu Security Notice 2227-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
60a61ce3b46f20c368154ead75b6bd25Ubuntu Security Notice 2223-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
926dd07c2dbe263e954629db8b007f24Ubuntu Security Notice 2221-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
06317741fa5c1817e5ca52b6e78a1131Red Hat Security Advisory 2014-0285-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory condition and, potentially, crash the system.
302f0e4f68804abdc33596d17985a27cMandriva Linux Security Advisory 2013-265 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service via a crafted application. The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service via a small value in the IHL field of a packet with IPIP encapsulation. Various other issues have also been addressed.
ba0cd2c4450658f0c7635cbf6ad37b76
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed