what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

CVE-2014-9900

Status Candidate

Overview

The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754.

Related Files

Ubuntu Security Notice USN-3371-1
Posted Jul 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3371-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9605
MD5 | 5391562066bac61b8e2c8c8b2110eced
Ubuntu Security Notice USN-3364-3
Posted Jul 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-3 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 6d424501523a4eae735e5215177c70f3
Ubuntu Security Notice USN-3364-2
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-2 - USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 8cc7102ebe0dfa9c4cdc3ad1e61b6e7d
Ubuntu Security Notice USN-3364-1
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 9b8186309d84493ebc44898641dc9bf4
Ubuntu Security Notice USN-3360-1
Posted Jul 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3360-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the performance events and counters subsystem of the Linux kernel for ARM64. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2015-8955, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2015-8966, CVE-2015-8967, CVE-2016-10088, CVE-2017-1000380, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017-9605
MD5 | 4b837ac472f4020e28f8436305442660
Ubuntu Security Notice USN-3360-2
Posted Jul 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3360-2 - USN-3360-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2015-8955, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2015-8966, CVE-2015-8967, CVE-2016-10088, CVE-2017-1000380, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017-9074, CVE-2017-9605
MD5 | a52c36d22ff0b5f4c7d35c0b403f353c
Ubuntu Security Notice USN-3359-1
Posted Jul 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3359-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsystem in the Linux kernel mishandled IPv6 packet reassembly. A local user could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2016-9755, CVE-2017-1000380, CVE-2017-5551, CVE-2017-5576, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017-9150, CVE-2017-9605
MD5 | ac5a8bf8e487737dba8522c164aac232
Ubuntu Security Notice USN-3358-1
Posted Jul 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3358-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9605
MD5 | e382e603da4aed5892b8ad16c64fa4a4
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    14 Files
  • 20
    Sep 20th
    20 Files
  • 21
    Sep 21st
    3 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close