exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Kernel Live Patch Security Notice LSN-0037-1

Posted May 7, 2018

Authored by Benjamin M. Romer

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux

advisories | CVE-2017-0861, CVE-2017-15129, CVE-2017-16995, CVE-2017-17448, CVE-2017-17450, CVE-2018-1000199, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043

SHA-256 | 39ead24f1d46a53a4118ca65333192e8b23de00376f175ad713483a533c61a56

Download | Favorite | View

Related Files

No related files