exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2015-8575

Status Candidate

Overview

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Related Files

Ubuntu Security Notice USN-2910-2
Posted Feb 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2910-2 - USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | 1c5860f7d5e5f701a0618aa045b06de9bedc1bdeb2417d42f72a17ed4039636b
Ubuntu Security Notice USN-2910-1
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2910-1 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | d315767d6b74fc5875e1959ee3b8350c03d865880496c94d9e5829712fcd69a4
Ubuntu Security Notice USN-2907-2
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2907-2 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | 963e536d218f0e81e41ebb8a8147fbedb301ff6538499599412b9b5c1093f890
Ubuntu Security Notice USN-2907-1
Posted Feb 23, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2907-1 - halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged attacker could use this to gain privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7550, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2016-1575, CVE-2016-1576
SHA-256 | fdac4052fa0c407475c40375a8f0dfb58fed0c920779bbb4203e890183fb094e
Ubuntu Security Notice USN-2890-2
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-2 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 3017b113d92983c899f5afeb5d0837516181dd39dc3b825adc1dc5398c097593
Ubuntu Security Notice USN-2890-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 7e32a7f6bd16cb21244db5518db99454b3180703f06d5108438bd7cd22d6b567
Ubuntu Security Notice USN-2888-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2888-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575
SHA-256 | 8dcda68c9a619fd87faff8f074fba6ebbf378808c7a0d0aad614c4a46fbe15ee
Ubuntu Security Notice USN-2886-1
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2886-1 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7799, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785
SHA-256 | 24d6d7ae8c64e0028b98928f5ea1fa07cc6257b83053299993d4ac0a54e5d3e1
Ubuntu Security Notice USN-2890-3
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2890-3 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7550, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8569, CVE-2015-8575, CVE-2015-8787
SHA-256 | 3c1fd9107abb37a2665cc487b029ad27a16d374ef098661f586ea50924991389
Ubuntu Security Notice USN-2886-2
Posted Feb 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2886-2 - It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-7446, CVE-2015-7513, CVE-2015-7799, CVE-2015-7990, CVE-2015-8374, CVE-2015-8543, CVE-2015-8550, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785
SHA-256 | f224ae824b3b14b9ca929cf40a2e3f6f5db08bd558114527506befeea164e26a
Debian Security Advisory 3434-1
Posted Jan 5, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3434-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-7513, CVE-2015-7550, CVE-2015-8543, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8569, CVE-2015-8575, CVE-2015-8709
SHA-256 | f1141a8de6449e71f448b35c2f5555c825d9e8cd9ccb92406b4982ef5187cd2b
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close