Ubuntu Security Notice 4117-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. Various other issues were also addressed.
08931d3a174297788ef3a8a0259a69406ef81389b33e15ab37700c7d4e440f45It was discovered that the USB video device class implementation in the Linux kernel did not properly validate control bits, resulting in an out of bounds buffer read. A local attacker could use this to possibly expose sensitive information (kernel memory). It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities have also been addressed.
3bf6f3467455c33428751c5faf437aa7d6c64fe01342c90cc65e1d94808e2336Ubuntu Security Notice 4093-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
972368dcf6177d5f57f6c9563b2ca592739590e4dce2d1505555c8bf5670da14Ubuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
057991c54bda99e36e45617061b5319a3d5749216d070d59b5d605ff61ea7dccDebian Linux Security Advisory 4495-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
c9cffe5ad30be525cc930f197d8f2f4324ebd95c48fa3bbf6a68ef2df2511752
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed