exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2019-3901

Status Candidate

Overview

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.

Related Files

Red Hat Security Advisory 2020-2851-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2851-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, memory leak, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20169, CVE-2018-7191, CVE-2019-11487, CVE-2019-13233, CVE-2019-14821, CVE-2019-15916, CVE-2019-18660, CVE-2019-3901, CVE-2020-12888
SHA-256 | f605c3a284c143f78a257a18fb53f755d5eb05795ee953c04511eef9931e7052
Download | Favorite | View
Red Hat Security Advisory 2020-2522-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, double free, integer overflow, memory leak, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2018-20169, CVE-2018-7191, CVE-2019-10639, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-19768, CVE-2019-3901, CVE-2019-9503, CVE-2020-10711
SHA-256 | e4e407d5d11456415fbd17c67e612fad4cfe0d3826d8690e6621a9db97576147
Download | Favorite | View
Red Hat Security Advisory 2020-1070-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-3901, CVE-2019-9503
SHA-256 | 6b93e72a941e31a33bc0ed2eb41a6d09d612a0c8a7df6721b2b19e60e9d46f8c
Download | Favorite | View
Red Hat Security Advisory 2020-1016-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-13648, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-18660, CVE-2019-3901, CVE-2019-9503
SHA-256 | 5270d5021355b80a03bef2fa11d11ec5b8ab02fe18ec0a66da959c57bee345f6
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close