exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2013-4483

Status Candidate

Overview

The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.

Related Files

Red Hat Security Advisory 2015-0284-03
Posted Mar 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0284-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2013-4483, CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646, CVE-2014-7841, CVE-2014-8160
SHA-256 | 3a23bafa7ff0984a430f6377352c08ac1cc9765d54947d73d20afde3035fbc0c
Red Hat Security Advisory 2014-1392-01
Posted Oct 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1392-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.

tags | advisory, remote, overflow, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-2596, CVE-2013-4483, CVE-2014-0181, CVE-2014-3122, CVE-2014-3601, CVE-2014-4608, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-5045, CVE-2014-5077
SHA-256 | 2d379835f8d8b30d2d5205e57ee447ccaebb299a17dcdeb38aa229c1a1b8d376
Ubuntu Security Notice USN-2238-1
Posted Jun 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2238-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. A flaw was discovered in the Linux kernel's IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-3153
SHA-256 | 70fb20c757d7aab8aad26aa886ad9b69b70f92f55d8b50260d08a304901d4768
Ubuntu Security Notice USN-2234-1
Posted Jun 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2234-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP Fragmentation Offload (UFO) processing. A remote attacker could leverage this flaw to cause a denial of service (system crash). Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4387, CVE-2013-4470, CVE-2013-4483, CVE-2014-1438, CVE-2014-3122, CVE-2014-3153
SHA-256 | a93c4dad0670abab855ed08d6ba04f65b5dd4b888b0d22e9e68426fca77a4f1d
Ubuntu Security Notice USN-2233-1
Posted Jun 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2233-1 - Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP Fragmentation Offload (UFO) processing. A remote attacker could leverage this flaw to cause a denial of service (system crash). Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4387, CVE-2013-4470, CVE-2013-4483, CVE-2014-1438, CVE-2014-3122, CVE-2014-3153
SHA-256 | b254623a74545b5c66708396dc56fd6e8302db1a965a8fc69f3ad3c62f7b363e
Ubuntu Security Notice USN-2227-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2227-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
SHA-256 | 030f8dbdef1c111fe4bbe4103734f72cb888f3ba4144f7241099df3eede3cb21
Ubuntu Security Notice USN-2223-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2223-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
SHA-256 | c386b44476309ae7dac47eb0a8d7cc0a26662f0c3adc3b24f480afe3edd7f15c
Ubuntu Security Notice USN-2221-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2221-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
SHA-256 | 5616975f2fb4dd39c84f62c8002d7351e1f5dddc09b837aabc10d511eb920b67
Red Hat Security Advisory 2014-0285-01
Posted Mar 12, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0285-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory condition and, potentially, crash the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2013-2929, CVE-2013-4483, CVE-2013-4554, CVE-2013-6381, CVE-2013-6383, CVE-2013-6885, CVE-2013-7263
SHA-256 | a11eda61dbcf728addd1377584ae2b396b052364c5d94383cdb60ead21539012
Mandriva Linux Security Advisory 2013-265
Posted Nov 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-265 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service via a crafted application. The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service via a small value in the IHL field of a packet with IPIP encapsulation. Various other issues have also been addressed.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2013-4483, CVE-2013-4348, CVE-2013-4470, CVE-2013-2015, CVE-2013-4387, CVE-2013-4350
SHA-256 | e2830471bcc8e7e6df1c6e5b34dfd41726e01285869d01bb9ed74386acc56edd
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close