what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2016-0774

Status Candidate

Overview

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.

Related Files

Red Hat Security Advisory 2016-0617-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0617-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0774
SHA-256 | 2246baeb82266ecd6e864496d3978886666526381708e4420ff443c9d6f1fa2a
Download | Favorite | View
Red Hat Security Advisory 2016-0494-01
Posted Mar 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0494-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space. The security impact of this issue was discovered by Red Hat.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0774
SHA-256 | 80c54b65ae506f1bd02a2a902ef6537ba749f2d08c2885f9ed60f7d6ef16502f
Download | Favorite | View
Debian Security Advisory 3503-1
Posted Mar 4, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3503-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-4312, CVE-2015-7566, CVE-2015-8767, CVE-2015-8785, CVE-2015-8812, CVE-2015-8816, CVE-2015-8830, CVE-2016-0723, CVE-2016-0774, CVE-2016-2069, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2550
SHA-256 | 25d671ba26bfc929fa9034f00895f1f88acf0c87420ac9187d367f3130e8b078
Download | Favorite | View
Red Hat Security Advisory 2016-0103-01
Posted Feb 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #DB is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, denial of service, x86, kernel, local
systems | linux, redhat
advisories | CVE-2015-8104, CVE-2016-0728, CVE-2016-0774
SHA-256 | 9927db3d6722b1df950202392e8bc511c9d1a2eb779e99e2d270206e4e63aa86
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close