what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2018-7755

Status Candidate

Overview

An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.

Related Files

Debian Security Advisory 4308-1
Posted Oct 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4308-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2018-10902, CVE-2018-10938, CVE-2018-13099, CVE-2018-14609, CVE-2018-14617, CVE-2018-14633, CVE-2018-14678, CVE-2018-14734, CVE-2018-15572, CVE-2018-15594, CVE-2018-16276, CVE-2018-16658, CVE-2018-17182, CVE-2018-6554, CVE-2018-6555, CVE-2018-7755, CVE-2018-9363, CVE-2018-9516
MD5 | a1995d1e6eb105061c1bda57627f1054
Ubuntu Security Notice USN-3718-2
Posted Jul 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3718-2 - USN-3695-2 fixed vulnerabilities in the Linux Hardware Enablement Kernel kernel for Ubuntu 16.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-1108, CVE-2018-11508, CVE-2018-7755
MD5 | 95f3ed15f6f677f3916eddf77606b2be
Ubuntu Security Notice USN-3718-1
Posted Jul 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3718-1 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-1108, CVE-2018-11508, CVE-2018-7755
MD5 | 89afcc71542e7f35797e8836a45c4aa9
Kernel Live Patch Security Notice LSN-0040-1
Posted Jul 5, 2018
Authored by Benjamin M. Romer

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2018-1092, CVE-2018-1093, CVE-2018-3665, CVE-2018-7755
MD5 | 12dc1b657d3a63120fd299195c1684b4
Ubuntu Security Notice USN-3698-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | d99c9b1c8afb3fd3cbaf8db904a91c13
Ubuntu Security Notice USN-3697-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3697-2 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 909cda7a29febac98e75c2d0765c11bb
Ubuntu Security Notice USN-3696-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 7232f498840627d5ecbea781d6ae2d03
Ubuntu Security Notice USN-3697-1
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3697-1 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 54b7a600656fb446c5ec64068acbde8c
Ubuntu Security Notice USN-3698-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 79e62f3c9db29224ec902903f92f2bff
Ubuntu Security Notice USN-3696-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 85ebc7f68fdfd1ec62e89e89a7199622
Ubuntu Security Notice USN-3695-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3695-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508, CVE-2018-7755
MD5 | 1ab8575ad708cdc9ce2f92f0db75ae9f
Ubuntu Security Notice USN-3695-2
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3695-2 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508, CVE-2018-7755
MD5 | 6208e9e136bfff7fc82ca98b30f85bda
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close