Ubuntu Security Notice 5541-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
e964411e2a44ec6b1d66fca5a48f54b1a1e945a816cc42a923278a78bcde118eDebian Linux Security Advisory 5173-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
501229f9f79d1b32b417dfa6e78509f08cd983eccea4e4e3155427e0fba9835fUbuntu Security Notice 5515-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
607828c0173295b7304238c1ba6a68d70125e76fff2677aed7ef8c8395239929Ubuntu Security Notice 5467-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
00844e617969c8e349b621d9028477a097d6b0006a1d340d3f86e5feae7ec286Ubuntu Security Notice 5381-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information.
5521aa1035974337ae1e3f0cd143ee5be242228148ef7a60d1483b460cb9394dLinux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes.
2013a523f6140f5f94778f15578c0f1d52f0a0bddd81e46cc48963fbe8fd4efb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed