exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2016-9588

Status Candidate

Overview

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.

Related Files

Ubuntu Security Notice USN-3822-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3822-2 - USN-3822-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9588, CVE-2017-13168, CVE-2017-16649, CVE-2018-16658, CVE-2018-9363
SHA-256 | 12f251d1b02cc09b2a7869afca47e925382c2467ba8f6d0eadc536cd46f72f36
Ubuntu Security Notice USN-3822-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3822-1 - Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9588, CVE-2017-13168, CVE-2017-16649, CVE-2018-16658, CVE-2018-9363
SHA-256 | 9f6d94f1901e1160d9a212fff4c9f220ff1ecdd77f62d48385aa6a8148a71140
Red Hat Security Advisory 2017-1842-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1842-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-7970, CVE-2014-7975, CVE-2015-8839, CVE-2015-8970, CVE-2016-10088, CVE-2016-10147, CVE-2016-10200, CVE-2016-6213, CVE-2016-7042, CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9604, CVE-2016-9685, CVE-2016-9806, CVE-2017-2596, CVE-2017-2647, CVE-2017-2671, CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616, CVE-2017-7889, CVE-2017-8797, CVE-2017-8890, CVE-2017-9074
SHA-256 | 5ca025049a9aeac274477f25b1f88d0c0690dadc0caf736cba30c2ebc58771e8
Red Hat Security Advisory 2017-2077-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2077-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-7970, CVE-2014-7975, CVE-2015-8839, CVE-2015-8970, CVE-2016-10088, CVE-2016-10147, CVE-2016-10200, CVE-2016-6213, CVE-2016-7042, CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9604, CVE-2016-9685, CVE-2016-9806, CVE-2017-2596, CVE-2017-2647, CVE-2017-2671, CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616, CVE-2017-7889, CVE-2017-8797, CVE-2017-8890, CVE-2017-9074
SHA-256 | d2c3180ea8e30c9c7a99dd568d556248785dfe383295b24d599dcc9aae61ff25
Debian Security Advisory 3804-1
Posted Mar 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3804-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2016-9588, CVE-2017-2636, CVE-2017-5669, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6348, CVE-2017-6353
SHA-256 | bf34aecaa99f3953f3e5e8b357bd78ef352fb22bbd9d30a1d3a1d766d7f7d9f9
Ubuntu Security Notice USN-3208-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3208-1 - It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. CAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-10088, CVE-2016-9191, CVE-2016-9588, CVE-2017-2583, CVE-2017-2584, CVE-2017-5549, CVE-2017-6074
SHA-256 | 06bc59f5224049671a0fcd3f4d851d69bdc6602bedb41005a8a51bcf1c98fa56
Ubuntu Security Notice USN-3209-1
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3209-1 - It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-10088, CVE-2016-9588, CVE-2017-6074
SHA-256 | fc8efec5bc02f4a0dd164d80178c39462832170db02485b791a003ea5eff78dd
Ubuntu Security Notice USN-3208-2
Posted Feb 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3208-2 - USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10088, CVE-2016-9191, CVE-2016-9588, CVE-2017-2583, CVE-2017-2584, CVE-2017-5549, CVE-2017-6074
SHA-256 | 1d3dac77e17589a335d73b1696ce93581c43caf1d8c627cd121b232338ea070c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close