exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2017-5669

Status Candidate

Overview

The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.

Related Files

Ubuntu Security Notice USN-3583-2
Posted Feb 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3583-2 - USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153, CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140, CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115, CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450, CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344
MD5 | 31d9ad4299f2ef96b20bed7917d8b10e
Ubuntu Security Notice USN-3583-1
Posted Feb 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3583-1 - It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153, CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140, CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115, CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450, CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-5754, CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344
MD5 | 72f5ce45fa98483fb5383129af775873
Ubuntu Security Notice USN-3361-1
Posted Jul 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3361-1 - USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-1350, CVE-2016-10208, CVE-2016-8405, CVE-2016-8636, CVE-2016-9083, CVE-2016-9084, CVE-2016-9191, CVE-2016-9604, CVE-2016-9755, CVE-2017-2583, CVE-2017-2584, CVE-2017-2596, CVE-2017-2618, CVE-2017-2671, CVE-2017-5546, CVE-2017-5549, CVE-2017-5550, CVE-2017-5551, CVE-2017-5576, CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-6001, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348
MD5 | 2a81ab5a406b26495cf15b17d009be23
Ubuntu Security Notice USN-3265-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3265-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348, CVE-2017-7374
MD5 | 43807cc3f26e96261a3a1e8c9496dd7b
Ubuntu Security Notice USN-3265-2
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3265-2 - USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348, CVE-2017-7374
MD5 | 79de1bc5e4243981826245ca0814fd34
Debian Security Advisory 3804-1
Posted Mar 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3804-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2016-9588, CVE-2017-2636, CVE-2017-5669, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6348, CVE-2017-6353
MD5 | 1295fa7b9a0ca6ed48c55af8dc82bf48
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close