what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2015-1333

Status Candidate

Overview

Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.

Related Files

Red Hat Security Advisory 2015-1788-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1788-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 25d0c7614c07675f849c3b6d3284745ade70ce6f99faadcd640f7598d955b66c
Red Hat Security Advisory 2015-1778-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1778-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366
SHA-256 | 6931087e4966ef5af97d58d33a14d67431f59be2eca9c49d74bab95c4b9e66ae
Red Hat Security Advisory 2015-1787-01
Posted Sep 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1787-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, redhat
advisories | CVE-2014-9585, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
SHA-256 | f0b5d577a1722a4499ab101e9890afb3978e9fdaacc73e56678021c7283bdb72
Debian Security Advisory 3329-1
Posted Aug 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3329-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-1333, CVE-2015-3212, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366, CVE-2015-5697, CVE-2015-5706, CVE-2015-5707
SHA-256 | 032d7754d15daf5a42e6f9f97780a9dd8431d502054c7f15a05b87b1417f2da4
Ubuntu Security Notice USN-2691-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2691-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 233afb4582ee78a50a8facdf30a35b42c990f6ff998cb27bce0cb8f4bf394da2
Ubuntu Security Notice USN-2688-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2688-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | ce58db6ac1ce225659c4f2333916e039746c0fa760849b8e9016fdecb8a8fd66
Ubuntu Security Notice USN-2687-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2687-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 49ab85c196aa855b9ebaf838b0b9f7a16754a5118979c620b131d4167753d1d1
Ubuntu Security Notice USN-2689-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2689-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 8bc536d144528d06e731bc5365cad7af2d099cf3c5d399449213870149ab6b19
Ubuntu Security Notice USN-2690-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2690-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | aa51a0821d1a02548dc2de024d18926f5f95a5bc133a2d69ec6f69a16f43f629
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close