what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2016-2117

Status Candidate

Overview

The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.

Related Files

Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | 88a2bd8c0f30988120dd0ca735846a15c63a1e9c06edc72ce61959751724fbc4
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | a58b7b5d58e92d5a084026c53f5461e431441e86891787922c799b50ae4376ed
Debian Security Advisory 3607-1
Posted Jun 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3607-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-7515, CVE-2016-0821, CVE-2016-1237, CVE-2016-1583, CVE-2016-2117, CVE-2016-2143, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-3070, CVE-2016-3134, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140, CVE-2016-3156, CVE-2016-3157, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4470, CVE-2016-4482, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4569
SHA-256 | 0d223b304d17753a1ce52094557c77094582be1a5339c862d34ee91a630a21d9
Ubuntu Security Notice USN-3007-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3007-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 21367d7bd0aa8b16e79856a1355feca42858b0c152a944585c55546c468c24e3
Ubuntu Security Notice USN-3006-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3006-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 154dc735ba43dcb64102c43e5dbd9a972894457a1ab139daeb9843adf1a26a02
Ubuntu Security Notice USN-3005-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3005-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 56a885e91d30fe754e8f21c81ed01cdf2281619674073d71894d6a45f8497137
Ubuntu Security Notice USN-3004-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3004-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 15260f2bae937ffefd89474b5d45b197be79a2c3c629d596664ff46374144290
Ubuntu Security Notice USN-3003-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3003-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 5fed2838234a44d1730852206ba9626415e7a2b237d203c9b8f4f0a0ae120b95
Ubuntu Security Notice USN-3002-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3002-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 6a304214d70136724253b137a128ced305938a2bcf77b7f57cc2fd2056cb00d0
Ubuntu Security Notice USN-3001-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3001-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | cbd8722998ecacafce7f0e191f217dc2e6164d45016680a92f8639cf152856bf
Ubuntu Security Notice USN-3000-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3000-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3140, CVE-2016-3672, CVE-2016-3689, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 330259ee5fb5e92854cb2c2d2d644d62e3fa8b04b3260f39927986db6fab5b70
Ubuntu Security Notice USN-2998-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2998-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2069, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 6ac8e40a1a58889071f681c070f97687fbc0499845baf46496f6035c2db81bc6
Ubuntu Security Notice USN-2989-1
Posted Jun 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2989-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB over wifi device drivers in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-2069, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 176f40d6b9ca149610db188404fb65b5dd57970bcbf0fa0ce08d2db323c1cc4d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close