what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2016-0758

Status Candidate

Overview

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

Related Files

HP Security Bulletin HPSBHF3548 1
Posted Jun 6, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF3548 1 - A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate his or her privileges on the system. Revision HPSBHF3548 of this advisory.

tags | advisory, kernel, local
systems | linux
advisories | CVE-2016-0758
SHA-256 | 8b0d293bda62937cd08b5e6cab2593c2e389b3beb470d3ef755df0c07b564dfc
Ubuntu Security Notice USN-2979-4
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-4 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | f8e3be2b927e976c9209bd751acdb51d9b30164629cb20cc001b615de8729e1d
Ubuntu Security Notice USN-2979-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-1 - David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | f54efabc7a7953e27810fe6ce72422448a5483cf73e0c1c26490ee17ddb6515d
Ubuntu Security Notice USN-2979-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-2 - USN-2979-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | cdb2c86cd663d5c26cde9b3c2a5708b24e10070bf88b9fc77d97870354cfaeb1
Ubuntu Security Notice USN-2977-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2977-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | d6b3be39ac7937bb9c063bc7588dc509dfded0b1d2782055a62769be30157ce9
Ubuntu Security Notice USN-2976-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2976-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | a7e8c5cbdc10dd613588bad7d3979dece9409d0fcc442c155c1452784fcf6482
Ubuntu Security Notice USN-2978-3
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-3 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | 380a8900f2b41cbbcdc679855c577286d9e8ac890b72e924185614245a2678d8
Ubuntu Security Notice USN-2975-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2975-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | ce4aa24f49da8508bdc20d9f6ec8279498501fffb6953834550e0930d92b30a2
Ubuntu Security Notice USN-2975-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2975-2 - USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | feac0eb25f9c1cd3fa095cee054213a408415e169c7b4778f95545c5dacb38c1
Ubuntu Security Notice USN-2978-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-2 - USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | 64141def5026b2fd37a8d73d52076845eb142cd7b02d5e2f75a7ec27d647aa30
Ubuntu Security Notice USN-2979-3
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-3 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | ebdfe841208c413cc4a3580e230a63f56eb848beb54d4fc7056c707f90f943df
Ubuntu Security Notice USN-2978-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-1 - David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | c7ba527bc03f4e3f11f857d8f2bda733be9c17654f1a0e13e3c436345ac34da5
Red Hat Security Advisory 2016-1033-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1033-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0758
SHA-256 | e45c138b2753829dc79e684567547bf112b96c0a9432a870efadd6e45bd1a03c
Red Hat Security Advisory 2016-1051-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1051-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt. This version provides a number of bug fixes and enhancements, including: [scsi] bnx2fc: Fix FCP RSP residual parsing and remove explicit logouts [scsi] mpt3sas: Fix for Asynchronous completion of timedout IO and task abort of timedout IO

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-0758
SHA-256 | 21c5265b59b451a5ddb26d9e008c07b346c9eea16e7069c9a77e2104a9ab8465
Red Hat Security Advisory 2016-1055-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1055-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt. This version provides a number of bug fixes and enhancements, including: [scsi] bnx2fc: Fix FCP RSP residual parsing and remove explicit logouts [scsi] mpt3sas: Fix for Asynchronous completion of timedout IO and task abort of timedout IO

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-0758
SHA-256 | b8c554fc25788fff5ae196c0632ab105d3e249701f8eeebf038112421b13b337
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close