Twenty Year Anniversary
Showing 1 - 8 of 8 RSS Feed

CVE-2016-7910

Status Candidate

Overview

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

Related Files

Red Hat Security Advisory 2017-1298-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1298-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
MD5 | 68246d6f7e533ab05baff2d7cbd62ba1
Red Hat Security Advisory 2017-1297-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1297-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
MD5 | 4b41d19f3dbd1570049ac04179f9d1a3
Red Hat Security Advisory 2017-1308-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1308-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-5986, CVE-2017-7308
MD5 | 1a4da6d2bc02d3fd97903c280961b160
Kernel Live Patch Security Notice LSN-0021-1
Posted Apr 15, 2017
Authored by Benjamin M. Romer

Several security issues were fixed in the kernel. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash). Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2016-5195, CVE-2016-7910, CVE-2016-7911, CVE-2016-7912, CVE-2016-7916, CVE-2016-8399, CVE-2016-8630, CVE-2016-8633, CVE-2016-9191, CVE-2016-9555, CVE-2016-9756, CVE-2017-2583, CVE-2017-6074, CVE-2017-7308
MD5 | 878ad898ccfcd692664025f15c5ea754
Red Hat Security Advisory 2017-0892-01
Posted Apr 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0892-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-7910, CVE-2017-2636
MD5 | 2004fa2d5bb969c50016a2bb40186ec2
Ubuntu Security Notice USN-3207-2
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3207-2 - USN-3207-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
MD5 | c0320da86bd7ef0a80867ccd916fd84f
Ubuntu Security Notice USN-3207-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3207-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
MD5 | 1383749585832daa1cfd70e12cfc5a6c
Ubuntu Security Notice USN-3206-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3206-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7910, CVE-2016-7911, CVE-2017-6074
MD5 | a7eb4b53bff91f5179c5aa436104a483
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close