exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2013-6380

Status Candidate

Overview

The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command.

Related Files

Debian Security Advisory 2906-1
Posted Apr 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2906-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-4162, CVE-2013-4299, CVE-2013-4345, CVE-2013-4512, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6381, CVE-2013-6382, CVE-2013-6383, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7339, CVE-2014-0101, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2014-2039, CVE-2014-2523, CVE-2103-2929
SHA-256 | 336839d986f877d0c9633d42e6961fa76ae807751676c40199ee1f7de18091c3
Ubuntu Security Notice USN-2136-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2136-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6380, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6380, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265
SHA-256 | 537583a7f5fadb8ab459bd50b9fe322fbd3646055990d05a9976624652e123ec
Ubuntu Security Notice USN-2129-1
Posted Mar 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2129-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269
SHA-256 | 26def1da51e3753541184bde4fad779091149899914c8225f8d51c895c375721
Ubuntu Security Notice USN-2128-1
Posted Mar 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2128-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269
SHA-256 | f93775724c74d2ee6adb72b9dce313cb6dc890d079d7d6ebdb872b101263d582
Ubuntu Security Notice USN-2114-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2114-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380
SHA-256 | 3dd96bdcecedff36b66200fc61b8191fc4d74d8115ff7d0cdf1cdd21795ceabf
Ubuntu Security Notice USN-2116-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2116-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380
SHA-256 | 8aca15b11b05d09a1958325ba980f416a42c0236a468d96df6801c4520732d03
Ubuntu Security Notice USN-2115-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2115-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380
SHA-256 | 1a42767751d96e7993524072d8c9e8663893074694d888e64e1cdd957c5fca55
Ubuntu Security Notice USN-2111-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2111-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380
SHA-256 | 50735c3f85d8c85b72686bd54e07f574b066e940674b02c2771539fdec2e54f8
Ubuntu Security Notice USN-2110-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2110-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268
SHA-256 | f5d5f017a1f978753da8eaddad5530e205560b414e1034f60631ed87c66c73ff
Ubuntu Security Notice USN-2109-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2109-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268
SHA-256 | f9a9229f276d5732e342ff0e1d0acf9d5b773dd92e400f9e84538701ee334b3a
Ubuntu Security Notice USN-2075-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2075-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026, CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026
SHA-256 | 36e9f98726ff3916e206a9b84d5b8c8816cb7f08e016c1754ed8f67fe870c45d
Ubuntu Security Notice USN-2070-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2070-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026, CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026
SHA-256 | 1f5a40a0caee47f048366ec9a46fede7e05d0e0f8905e9ccb5b8744e93164d0e
Mandriva Linux Security Advisory 2013-291
Posted Dec 19, 2013
Site mandriva.com

Mandriva Linux Security Advisory 2013-291 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the au1100fb_fb_mmap function in drivers/video/au1100fb.c and the au1200fb_fb_mmap function in drivers/video/au1200fb.c. Various other issues have also been addressed.

advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4511, CVE-2013-4512, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-6381, CVE-2013-6383, CVE-2013-6763
SHA-256 | e4a9556722b4bee5720cc309bc992b81c4ac568a9f675f7f404694d9b54048e1
Mandriva Linux Security Advisory 2013-291
Posted Dec 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-291 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Various other issues have also been addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4511, CVE-2013-4512, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-6381, CVE-2013-6383, CVE-2013-6763
SHA-256 | e4a9556722b4bee5720cc309bc992b81c4ac568a9f675f7f404694d9b54048e1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close