what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2017-7482

Status Candidate

Overview

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.

Related Files

Ubuntu Security Notice USN-3392-2
Posted Aug 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3392-2 - USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 71a7bad1735ab6a1d89a1c1236820999
Ubuntu Security Notice USN-3392-1
Posted Aug 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3392-1 - USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | ffd40fa2f174465003ab0558d699709a
Ubuntu Security Notice USN-3381-2
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-2 - USN-3381-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. Various other issues were also addressed.

tags | advisory, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
MD5 | 872f12a9aea55423ef4a6ad59dc44a44
Ubuntu Security Notice USN-3381-1
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-1 - Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
MD5 | 23e15cb3b383412d96b020c0af37f828
Debian Security Advisory 3927-1
Posted Aug 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3927-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-10911, CVE-2017-11176, CVE-2017-7346, CVE-2017-7482, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-9605
MD5 | 5e3f1d4849e961f4980564d78956a77b
Ubuntu Security Notice USN-3378-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-2 - USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 83be044752437775050f88aee02fa689
Ubuntu Security Notice USN-3378-1
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-1 - Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 9db31ba17dfb34a4396c9ced31bc3759
Ubuntu Security Notice USN-3377-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3377-2 - USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 7252455e3ef2d532a9738ece9b403104
Ubuntu Security Notice USN-3377-1
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3377-1 - Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 9534dcc0dfba019b004a4abde6d30b5f
Kernel Live Patch Security Notice LSN-0026-1
Posted Jul 25, 2017
Authored by Benjamin M. Romer

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux
advisories | CVE-2016-4558, CVE-2017-1000365, CVE-2017-7374, CVE-2017-7482, CVE-2017-9150
MD5 | cf9eb0b35f581391cfa449654007aaad
Slackware Security Advisory - Slackware 14.0 kernel Updates
Posted Jul 3, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.0 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-1000364, CVE-2017-7482
MD5 | b15c8264c306e1bb8474a048b1e37571
Slackware Security Advisory - kernel Updates
Posted Jul 3, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-1000365, CVE-2017-7482
MD5 | 66341962b3c696c861bf4ff69a437c1b
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close