exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

CVE-2014-2851

Status Candidate

Overview

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.

Related Files

Red Hat Security Advisory 2014-1101-01
Posted Aug 27, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1101-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets. A local, unprivileged user could use this flaw to crash the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | d833b20ba0b8d3beffdd49cfb456405f
Red Hat Security Advisory 2014-0981-01
Posted Jul 29, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0981-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to crash the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-6647, CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145
MD5 | 406d9d95aa0c6d16ab6277500d72283d
Ubuntu Security Notice USN-2260-1
Posted Jun 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2260-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0077, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2568, CVE-2014-2851, CVE-2014-3122, CVE-2014-3153
MD5 | 8193a7a1ebc21413d662ea710632ba74
Red Hat Security Advisory 2014-0786-01
Posted Jun 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0786-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-0206, CVE-2014-1737, CVE-2014-1738, CVE-2014-2568, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145, CVE-2014-3153
MD5 | ee05cedcfe8ec9fc83e2d832e1f5e231
Mandriva Linux Security Advisory 2014-124
Posted Jun 15, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-124 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2012-2137, CVE-2013-2897, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-1874, CVE-2014-2039, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145, CVE-2014-3153, CVE-2014-3917
MD5 | d4173e7b22628d26c1c257c521cb1593
Red Hat Security Advisory 2014-0557-01
Posted May 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0557-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A race condition leading to a use-after-free flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled the addition of fragments to the LRU list under certain conditions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system by sending a large amount of specially crafted fragmented packets to that system.

tags | advisory, remote, kernel, tcp, protocol
systems | linux, redhat
advisories | CVE-2014-0100, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 92ffb61f18bc3e90b948a3bb43daf85e
Ubuntu Security Notice USN-2227-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2227-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 60a61ce3b46f20c368154ead75b6bd25
Ubuntu Security Notice USN-2228-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2228-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 8657fa7816fc8962d6d5b0f0dce9d49e
Ubuntu Security Notice USN-2225-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2225-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 892849329aa71027a9eb418669961a59
Ubuntu Security Notice USN-2226-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2226-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0077, CVE-2014-1737, CVE-2014-1738, CVE-2014-2851
MD5 | 4e33b640562a50ab03ae2d35e6344eab
Ubuntu Security Notice USN-2223-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2223-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 926dd07c2dbe263e954629db8b007f24
Ubuntu Security Notice USN-2224-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2224-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122
MD5 | 154de874989b707dfdb795630e05dcef
Ubuntu Security Notice USN-2221-1
Posted May 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2221-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851
MD5 | 06317741fa5c1817e5ca52b6e78a1131
Debian Security Advisory 2926-1
Posted May 12, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2926-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2851, CVE-2014-3122
MD5 | 836873067313a312340f5083aaf5efb0
Linux group_info Denial Of Service
Posted Apr 18, 2014
Authored by Thomas Pollet

Linux group_info refcounter overflow memory corruption denial of service exploit.

tags | exploit, denial of service, overflow
systems | linux
advisories | CVE-2014-2851
MD5 | b25ac9259a1538d9590d50fb23556843
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close