what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2019-3901

Status Candidate

Overview

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.

Related Files

Red Hat Security Advisory 2020-2851-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2851-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, memory leak, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2018-20169, CVE-2018-7191, CVE-2019-11487, CVE-2019-13233, CVE-2019-14821, CVE-2019-15916, CVE-2019-18660, CVE-2019-3901, CVE-2020-12888
SHA-256 | f605c3a284c143f78a257a18fb53f755d5eb05795ee953c04511eef9931e7052
Red Hat Security Advisory 2020-2522-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, double free, integer overflow, memory leak, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2018-20169, CVE-2018-7191, CVE-2019-10639, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-19768, CVE-2019-3901, CVE-2019-9503, CVE-2020-10711
SHA-256 | e4e407d5d11456415fbd17c67e612fad4cfe0d3826d8690e6621a9db97576147
Red Hat Security Advisory 2020-1070-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-3901, CVE-2019-9503
SHA-256 | 6b93e72a941e31a33bc0ed2eb41a6d09d612a0c8a7df6721b2b19e60e9d46f8c
Red Hat Security Advisory 2020-1016-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-13648, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-18660, CVE-2019-3901, CVE-2019-9503
SHA-256 | 5270d5021355b80a03bef2fa11d11ec5b8ab02fe18ec0a66da959c57bee345f6
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close