what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

CVE-2015-1420

Status Candidate

Overview

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.

Related Files

Ubuntu Security Notice USN-2666-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
MD5 | 201a361d8f4da2b576e0c9755364b9e1
Ubuntu Security Notice USN-2667-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
MD5 | c8750104b996f794fc4cfd7fbf1cd465
Ubuntu Security Notice USN-2663-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2663-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
MD5 | 553c805e30360d815f4bfc8613663385
Ubuntu Security Notice USN-2664-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
MD5 | bd99a36ce8f2c9e2d4256bac885bde2f
Ubuntu Security Notice USN-2665-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
MD5 | dc664107d152c7b55821628a6f04f559
Ubuntu Security Notice USN-2662-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2662-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
MD5 | 35ff0d826d13daf55a94cf200068053c
Ubuntu Security Notice USN-2660-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2660-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
MD5 | df6550d0213022876fa9157828496d8b
Ubuntu Security Notice USN-2661-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2661-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
MD5 | 69667835bc58acb656d44d427aee604b
Debian Security Advisory 3170-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3170-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-7421, CVE-2014-7822, CVE-2014-8160, CVE-2014-8559, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239, CVE-2015-1420, CVE-2015-1421, CVE-2015-1593
MD5 | 027f0aa2e94634ffb4a7876370d57d9d
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close