exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2016-7910

Status Candidate

Overview

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

Related Files

Red Hat Security Advisory 2017-1298-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1298-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
SHA-256 | 40f0d88fee842312c08174e9a755735d073fbc79231455636cffc86f445ac1fd
Red Hat Security Advisory 2017-1297-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1297-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
SHA-256 | 4cdf95d71fe190028c5b4eaf8a98bb01e7ca1f467d3e4a94c93169e92070f5df
Red Hat Security Advisory 2017-1308-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1308-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-5986, CVE-2017-7308
SHA-256 | 05e1316e780dc2164e9b946f6bf6af0785375c6af129a7e24f7c80990de20921
Kernel Live Patch Security Notice LSN-0021-1
Posted Apr 15, 2017
Authored by Benjamin M. Romer

Several security issues were fixed in the kernel. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash). Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2016-5195, CVE-2016-7910, CVE-2016-7911, CVE-2016-7912, CVE-2016-7916, CVE-2016-8399, CVE-2016-8630, CVE-2016-8633, CVE-2016-9191, CVE-2016-9555, CVE-2016-9756, CVE-2017-2583, CVE-2017-6074, CVE-2017-7308
SHA-256 | 42b1d7e92d487c05901f19f08b2e6c9e119556985c2054e46a019c3a3bd7bf0d
Red Hat Security Advisory 2017-0892-01
Posted Apr 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0892-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-7910, CVE-2017-2636
SHA-256 | 461ae7c457de3804b797938ceca8ec594debd203b4f0a5e49c915644c3bb8f64
Ubuntu Security Notice USN-3207-2
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3207-2 - USN-3207-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
SHA-256 | da2d54a183091695057210caf21913be9b3b7213195d0df2dcfb4bcd1c217b32
Ubuntu Security Notice USN-3207-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3207-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
SHA-256 | 8c63b74c2660cad561d31b5daa2b648f239ed45fba675efdbab4f5568685b605
Ubuntu Security Notice USN-3206-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3206-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
SHA-256 | c2b81ff2da57e7cc88a256cf883b5dac0b8c916a800f4bd5c43b16498f58613c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close