Red Hat Security Advisory 2017-3200-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
2ed8a67f11427e2d2b9d276e27f1f3887b343d36c2da2af2fbeeaf1a4deb0cdcRed Hat Security Advisory 2017-2931-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
edba1cdf75883b0afd4147a1b9b0f8c787387b79a168379d1cee80de73ebe1eaRed Hat Security Advisory 2017-2930-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
e290a5f1dc4b6935b2c09d9c88039750f701a314dff84bdf0a026e7c338e354dRed Hat Security Advisory 2017-2918-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
668de5ec7c2ffb14d70f655cc1fae90c9916874f80e9a59e8ec1cecdaf1fa43bAndrey Konovalov discovered a race condition in the UDP Fragmentation Offload (UFO) code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code.
f1d27ee9e08fb4d7aba3b36609845fbfa5e959afbcd42c78b5b81f4e0bfae6dbUbuntu Security Notice 3386-2 - USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
a876e7d4b791e40fefb320217a46bff63e6300d72ad9306f4f51b493d9536c67Ubuntu Security Notice 3386-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
647b2d1d1c8bb541cd4e3690728e76a854d20ea18c6dba3a92754a2e3124f25bUbuntu Security Notice 3385-2 - USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
664a65bdbca4a92e2983a2e23ad4f87d42ad55a05cf9741672aaffa9b5128288Ubuntu Security Notice 3385-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
f410650ac5386976fb5b72d6502ef110b7e9e6a866a422120c929e5c641a36b1Ubuntu Security Notice 3384-2 - USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
f900ee14d39b21ba30d2c6c233e495641d3cbde809659718430d6eec5a923fb1Ubuntu Security Notice 3384-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
9c0a1ae85f7530bab528e798e750966790ccbf6b7702ec5330b525b7b5c41602
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed