accept no compromises
Showing 1 - 11 of 11 RSS Feed

CVE-2014-2672

Status Candidate

Overview

Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions.

Related Files

Red Hat Security Advisory 2014-1101-01
Posted Aug 27, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1101-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets. A local, unprivileged user could use this flaw to crash the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | d833b20ba0b8d3beffdd49cfb456405f
Red Hat Security Advisory 2014-1023-01
Posted Aug 7, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1023-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory. It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-0181, CVE-2014-2672, CVE-2014-2673, CVE-2014-2706, CVE-2014-3534, CVE-2014-4667
MD5 | 01e969fd67244835fe47c8a369a50f50
Red Hat Security Advisory 2014-0981-01
Posted Jul 29, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0981-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to crash the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-6647, CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145
MD5 | 406d9d95aa0c6d16ab6277500d72283d
Mandriva Linux Security Advisory 2014-124
Posted Jun 15, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-124 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2012-2137, CVE-2013-2897, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-1874, CVE-2014-2039, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145, CVE-2014-3153, CVE-2014-3917
MD5 | d4173e7b22628d26c1c257c521cb1593
Red Hat Security Advisory 2014-0557-01
Posted May 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0557-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A race condition leading to a use-after-free flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled the addition of fragments to the LRU list under certain conditions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system by sending a large amount of specially crafted fragmented packets to that system.

tags | advisory, remote, kernel, tcp, protocol
systems | linux, redhat
advisories | CVE-2014-0100, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 92ffb61f18bc3e90b948a3bb43daf85e
Ubuntu Security Notice USN-2227-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2227-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 60a61ce3b46f20c368154ead75b6bd25
Ubuntu Security Notice USN-2228-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2228-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 8657fa7816fc8962d6d5b0f0dce9d49e
Ubuntu Security Notice USN-2225-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2225-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 892849329aa71027a9eb418669961a59
Ubuntu Security Notice USN-2223-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2223-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 926dd07c2dbe263e954629db8b007f24
Ubuntu Security Notice USN-2224-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2224-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 154de874989b707dfdb795630e05dcef
Ubuntu Security Notice USN-2221-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2221-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 06317741fa5c1817e5ca52b6e78a1131
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    9 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close