exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2013-7266

Status Candidate

Overview

The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Related Files

Ubuntu Security Notice USN-2139-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2139-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267
SHA-256 | 20e4ad37ba3579154d082431d1ffc412dd404e4eb68894bd89f0293944cf258e
Ubuntu Security Notice USN-2138-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2138-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267
SHA-256 | 91680cbbf5fdef2f8e07e5eabb29b6df8d014cbc0dc9ff61a243b2814aed15ba
Ubuntu Security Notice USN-2135-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2135-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267
SHA-256 | 15f68ffbf56d0fd2be399e88e649a6de0dea4b63d397095fc8962cd729c5dca8
Ubuntu Security Notice USN-2136-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2136-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6380, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6380, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265
SHA-256 | 537583a7f5fadb8ab459bd50b9fe322fbd3646055990d05a9976624652e123ec
Ubuntu Security Notice USN-2141-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2141-1 - Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service or host OS system crash. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, spoof
systems | linux, ubuntu
advisories | CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2014-1874, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267
SHA-256 | 584bfbf9f9d2b522c1853ffa0d762221a3db105ad3b3f2a5b5ba98563a86f4bd
Ubuntu Security Notice USN-2129-1
Posted Mar 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2129-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269
SHA-256 | 26def1da51e3753541184bde4fad779091149899914c8225f8d51c895c375721
Ubuntu Security Notice USN-2128-1
Posted Mar 6, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2128-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2013-0160, CVE-2013-2929, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7027, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269
SHA-256 | f93775724c74d2ee6adb72b9dce313cb6dc890d079d7d6ebdb872b101263d582
Ubuntu Security Notice USN-2113-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2113-1 - Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload (UFI) in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (panic). Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp, spoof
systems | linux, ubuntu
advisories | CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432
SHA-256 | b4b98d6e24984870cfe76d2ee9c3764dde0cfada14d2de91292681590d95ce1e
Ubuntu Security Notice USN-2113-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2113-1 - Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload (UFI) in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (panic). Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp, spoof
systems | linux, ubuntu
advisories | CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432
SHA-256 | b4b98d6e24984870cfe76d2ee9c3764dde0cfada14d2de91292681590d95ce1e
Ubuntu Security Notice USN-2117-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2117-1 - Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload (UFI) in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (panic). Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp, spoof
systems | linux, ubuntu
advisories | CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2014-1438, CVE-2014-1446, CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6382, CVE-2013-6432
SHA-256 | 988c359c9d2af2f86d73d91b71720fa19adc7f621c4b9b65867f1729c58bb05c
Ubuntu Security Notice USN-2110-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2110-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268
SHA-256 | f5d5f017a1f978753da8eaddad5530e205560b414e1034f60631ed87c66c73ff
Ubuntu Security Notice USN-2109-1
Posted Feb 19, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2109-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function of the Kernel Virtual Machine (KVM) subsystem. A local user could exploit this flaw to gain privileges on the host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7281, CVE-2013-2929, CVE-2013-4345, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6382, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268
SHA-256 | f9a9229f276d5732e342ff0e1d0acf9d5b773dd92e400f9e84538701ee334b3a
Mandriva Linux Security Advisory 2014-001
Posted Jan 13, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-001 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service via a VAPIC synchronization operation involving a page-end address. The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service via crafted modifications of the TMICT value. Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a XFS_IOC_ATTRLIST_BY_HANDLE or XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. Various other issues have also been addressed.

tags | advisory, denial of service, x86, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2013-6368, CVE-2013-6367, CVE-2013-6382, CVE-2013-4587, CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7281
SHA-256 | 6b69bde0893ff767d6c4a031c3974e5299f98484da5c93e76dddaff606637041
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close