Mandriva Linux Security Advisory 2014-155 - Multiple vulnerabilities have been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.
6933b6a5b4497c29f0f7974ac259e33c762ddd57109d3af0dfff4e246b46004cRed Hat Security Advisory 2014-0949-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
f9777ca1631aa2e4c1e414fb55781fb71e7081b5f670f58256119195823e51daRed Hat Security Advisory 2014-0925-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
7a4b98cc6162c0bbcf1ed682d4479d010efef9351b16d2d8aaec4c5b5754f6b5Red Hat Security Advisory 2014-0923-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
4d9fa3565ece76fb9ea52e62fb528ffab94970fb7731beb9d410ef7eee5e04f9Red Hat Security Advisory 2014-0924-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
c438375570283d51bded0b1728d4f457f686151478e25dac149c079f49e029f5Red Hat Security Advisory 2014-0913-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
c05d77b8bb0fb6653e702993e25b62f141d1901c64377ea8e2757ba943646f2bLinux Kernel ptrace/sysret local privilege escalation proof of concept exploit.
04e87b1d1e570f2581bc3083d954116e4b2fc926c256c35dc54b9c7aaff76c86Debian Linux Security Advisory 2972-1 - Andy Lutomirski discovered that the ptrace syscall was not verifying the RIP register to be valid in the ptrace API on x86_64 processors. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.
abd13212bb911b20678d315d29c2d8d434dfae706531fe23b757f8e6a1abb52dUbuntu Security Notice 2274-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
82281da049376f2b4579ebfff00e44cde4d9cb934d302f82e7d8df85220c0588Ubuntu Security Notice 2272-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
44327dad1fdf47dc2cf7e9f604cb82153f4c4adf9d28e736005aee9f4224691aUbuntu Security Notice 2271-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
391f400f2d6c88c3fd6a45ff28747b979c1947046f719cb6a2b82515e80a1fcfUbuntu Security Notice 2266-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
142f502be70a5e886a0913def179f15a4abea7fe2f842568dc9e9b7c25ff73faUbuntu Security Notice 2270-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
e11797f1e149c888fb650c5e724455b9f47bac4c006b0641edfba2d325e0e1edUbuntu Security Notice 2268-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
379099c1152a566c490f83d2f4e3ae2a499d95a18f629ccc8f78ac6833da9c2bUbuntu Security Notice 2269-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
79af0f736f1b7dbb0b23ef72d6c263ae918043f1cb2a93f5fe9f0638ed34a714Ubuntu Security Notice 2267-1 - Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
6149333518dd2aba6c776e0737b5975de8e3fa4b08d862777c2779eb38bb3844
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed