exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

CVE-2016-4581

Status Candidate

Overview

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.

Related Files

Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | 88a2bd8c0f30988120dd0ca735846a15c63a1e9c06edc72ce61959751724fbc4
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | a58b7b5d58e92d5a084026c53f5461e431441e86891787922c799b50ae4376ed
Ubuntu Security Notice USN-3007-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3007-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 21367d7bd0aa8b16e79856a1355feca42858b0c152a944585c55546c468c24e3
Ubuntu Security Notice USN-3006-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3006-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 154dc735ba43dcb64102c43e5dbd9a972894457a1ab139daeb9843adf1a26a02
Ubuntu Security Notice USN-3005-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3005-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8839, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4558, CVE-2016-4565, CVE-2016-4581
SHA-256 | 56a885e91d30fe754e8f21c81ed01cdf2281619674073d71894d6a45f8497137
Ubuntu Security Notice USN-3004-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3004-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 15260f2bae937ffefd89474b5d45b197be79a2c3c629d596664ff46374144290
Ubuntu Security Notice USN-3003-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3003-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 5fed2838234a44d1730852206ba9626415e7a2b237d203c9b8f4f0a0ae120b95
Ubuntu Security Notice USN-3002-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3002-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | 6a304214d70136724253b137a128ced305938a2bcf77b7f57cc2fd2056cb00d0
Ubuntu Security Notice USN-3001-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3001-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-3961, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581
SHA-256 | cbd8722998ecacafce7f0e191f217dc2e6164d45016680a92f8639cf152856bf
Ubuntu Security Notice USN-3000-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3000-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2117, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3140, CVE-2016-3672, CVE-2016-3689, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 330259ee5fb5e92854cb2c2d2d644d62e3fa8b04b3260f39927986db6fab5b70
Ubuntu Security Notice USN-2998-1
Posted Jun 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2998-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-1583, CVE-2016-2069, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 6ac8e40a1a58889071f681c070f97687fbc0499845baf46496f6035c2db81bc6
Ubuntu Security Notice USN-2989-1
Posted Jun 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2989-1 - Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB over wifi device drivers in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2015-4004, CVE-2016-2069, CVE-2016-2117, CVE-2016-2187, CVE-2016-3672, CVE-2016-3951, CVE-2016-3955, CVE-2016-4485, CVE-2016-4486, CVE-2016-4581
SHA-256 | 176f40d6b9ca149610db188404fb65b5dd57970bcbf0fa0ce08d2db323c1cc4d
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close