exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

CVE-2016-6480

Status Candidate

Overview

Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability.

Related Files

Red Hat Security Advisory 2017-0817-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0817-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-10088, CVE-2016-10142, CVE-2016-2069, CVE-2016-2384, CVE-2016-6480, CVE-2016-7042, CVE-2016-7097, CVE-2016-8399, CVE-2016-9576
MD5 | b3b4f6f881b29620a89e2c49c244298d
Kernel Live Patch Security Notice LSN-0014-1
Posted Dec 8, 2016
Authored by Luis Henriques

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux
advisories | CVE-2016-6480, CVE-2016-6828, CVE-2016-8655
MD5 | c654f261f98e8fb00d15ffa5185aa4a4
Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
MD5 | 9cd6ca4a3ba80601297dc4773a1728cf
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
MD5 | 2324e71508a4e3597cc2c4131fd838dc
Ubuntu Security Notice USN-3097-2
Posted Oct 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3097-2 - Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6136, CVE-2016-6480, CVE-2016-6828
MD5 | 5bfc16d8b3a737ef00ff4133ad234e42
Ubuntu Security Notice USN-3099-3
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3099-3 - It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | 0dba9e104afbb1a7d310cf8642437ede
Ubuntu Security Notice USN-3099-4
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3099-4 - It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | 059295b45e6db97ee1690400709c173d
Ubuntu Security Notice USN-3097-1
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3097-1 - Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6136, CVE-2016-6480, CVE-2016-6828
MD5 | 705aae2a7f026da93b84be90ba5fc103
Ubuntu Security Notice USN-3098-2
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3098-2 - USN-3098-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | c4727d80bef3c3de9de4072f04c441af
Ubuntu Security Notice USN-3098-1
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3098-1 - It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | f6a6065596ed373a81c7246483b609d2
Ubuntu Security Notice USN-3099-2
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3099-2 - USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | 55a124c9a282a37431bbe5743c67cd61
Ubuntu Security Notice USN-3099-1
Posted Oct 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3099-1 - It was discovered that an unbounded recursion in the VLAN and TEB Generic Receive Offload processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-6130, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
MD5 | 8c1bb6d933865d7036eccc1367667395
Debian Security Advisory 3659-1
Posted Sep 6, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3659-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2016-5696, CVE-2016-6136, CVE-2016-6480, CVE-2016-6828
MD5 | 5518a402b27f6c8a6bfb4c80af075383
Linux 4.5 Double-Fetch
Posted Aug 1, 2016
Authored by Pengfei Wang

Linux kernel versions 4.5 and below suffer from a double-fetch vulnerability.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-6480
MD5 | eb4c02c54f9b33125f4224b98dbaebe8
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close