exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2015-0275

Status Candidate

Overview

The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.

Related Files

Red Hat Security Advisory 2015-1788-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1788-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 25d0c7614c07675f849c3b6d3284745ade70ce6f99faadcd640f7598d955b66c
Red Hat Security Advisory 2015-1778-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1778-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 6931087e4966ef5af97d58d33a14d67431f59be2eca9c49d74bab95c4b9e66ae
Red Hat Security Advisory 2015-1787-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1787-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
SHA-256 | f0b5d577a1722a4499ab101e9890afb3978e9fdaacc73e56678021c7283bdb72
Ubuntu Security Notice USN-2638-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2638-1 - Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0275, CVE-2015-3636, CVE-2015-4036
SHA-256 | 6942662bbc2cf4e39a28196fa2be2e88a0c52615e70e44cc00752fd789290733
Ubuntu Security Notice USN-2637-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2637-1 - Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0275, CVE-2015-3636
SHA-256 | 4e1e1f887e80da6543fabb8678249142a514c1579b76e665fb11950144e98f67
Ubuntu Security Notice USN-2635-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2635-1 - Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0275, CVE-2015-3636
SHA-256 | 8eb3f8978ff14d623d6e1288082230f137fbcf13c00e7e4162587e2623df9b8f
Ubuntu Security Notice USN-2636-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2636-1 - Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0275, CVE-2015-3636, CVE-2015-4036
SHA-256 | 3be06843caf5c63588549fe3a96b94810645e9d0efc26779131f51e2c0c64f64
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close