exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2015-1420

Status Candidate

Overview

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.

Related Files

Ubuntu Security Notice USN-2666-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | 47d9b2874b908191ceb7d6cc05e67c129969a7a846612e0abf42f762272cf153
Ubuntu Security Notice USN-2667-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 122e7a4e496bfa1708ef0318f8bb997c9f1c401557f2e3bc34b52513381ea323
Ubuntu Security Notice USN-2663-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2663-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
SHA-256 | 7d15aa2d77d66a412eb11604a0558247a40f8871ea54563f3265f6cf37232869
Ubuntu Security Notice USN-2664-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | fa189e6b6391daa79f6ab7ceb545b2f97b172e45e1ec80055aa050d2726b9e27
Ubuntu Security Notice USN-2665-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 7fe5d45987e82d6beb0aa597ea875fbc6a50d820627071ddf51320c0b6d6db2e
Ubuntu Security Notice USN-2662-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2662-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
SHA-256 | fd94ef4c48a1bb7444100a0af1dc5c91028a7fce50fdaa1e423dcb48878649a3
Ubuntu Security Notice USN-2660-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2660-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
SHA-256 | a7b057780c2a9c2c974c9d2ad831cb885a705477c84f727d40ba979a7e08c701
Ubuntu Security Notice USN-2661-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2661-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
SHA-256 | ffb7e5a9faaa7d5d4aa3790f6cae60c6ac29ec24ba1853e3b7fec3cc4d2f3c94
Debian Security Advisory 3170-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3170-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-7421, CVE-2014-7822, CVE-2014-8160, CVE-2014-8559, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239, CVE-2015-1420, CVE-2015-1421, CVE-2015-1593
SHA-256 | bd8c99b2ab449bf19ff881a59d02a9213bd109f150a9ca0142efa66f7d734b69
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close