what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2015-8569

Status Candidate

Overview

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Related Files

Ubuntu Security Notice USN-2910-2
Posted Feb 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2910-2 - USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | 1c5860f7d5e5f701a0618aa045b06de9bedc1bdeb2417d42f72a17ed4039636b
Ubuntu Security Notice USN-2910-1
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2910-1 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | d315767d6b74fc5875e1959ee3b8350c03d865880496c94d9e5829712fcd69a4
Ubuntu Security Notice USN-2907-2
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2907-2 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | 963e536d218f0e81e41ebb8a8147fbedb301ff6538499599412b9b5c1093f890
Ubuntu Security Notice USN-2907-1
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2907-1 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | fdac4052fa0c407475c40375a8f0dfb58fed0c920779bbb4203e890183fb094e
Ubuntu Security Notice USN-2890-2
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-2 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 3017b113d92983c899f5afeb5d0837516181dd39dc3b825adc1dc5398c097593
Ubuntu Security Notice USN-2890-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 7e32a7f6bd16cb21244db5518db99454b3180703f06d5108438bd7cd22d6b567
Ubuntu Security Notice USN-2888-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2888-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575
SHA-256 | 8dcda68c9a619fd87faff8f074fba6ebbf378808c7a0d0aad614c4a46fbe15ee
Ubuntu Security Notice USN-2886-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2886-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7799, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785
SHA-256 | 24d6d7ae8c64e0028b98928f5ea1fa07cc6257b83053299993d4ac0a54e5d3e1
Ubuntu Security Notice USN-2890-3
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-3 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 3c1fd9107abb37a2665cc487b029ad27a16d374ef098661f586ea50924991389
Ubuntu Security Notice USN-2886-2
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2886-2 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7799, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8550, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785
SHA-256 | f224ae824b3b14b9ca929cf40a2e3f6f5db08bd558114527506befeea164e26a
Debian Security Advisory 3434-1
Posted Jan 5, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3434-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-7513, CVE-2015-7550, CVE-2015-8543, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8569, CVE-2015-8575, CVE-2015-8709
SHA-256 | f1141a8de6449e71f448b35c2f5555c825d9e8cd9ccb92406b4982ef5187cd2b
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close