exploit the possibilities
Showing 1 - 25 of 66 RSS Feed

Files

Kernel Live Patch Security Notice LSN-0051-1
Posted May 15, 2019
Authored by Benjamin M. Romer

On May 14, fixes for CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 were released into the Ubuntu Xenial and Bionic kernels. These CVEs are security vulnerabilities caused by flaws in the design of speculative execution hardware in the computer's CPU. Researchers discovered that memory contents previously stored in microarchitectural buffers of an Intel CPU core may be visible to other processes running on the same core.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
MD5 | 0069e998c074055e86da45d0805d391d

Related Files

Kernel Live Patch Security Notice LSN-0059-1
Posted Nov 13, 2019
Authored by Benjamin M. Romer

On November 12, fixes for several high-severity Intel processor CVEs were released into the Ubuntu kernel, accompanied by a related processor microcode update. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
MD5 | 06b34393d5a55669f944e67227b98bc7
Kernel Live Patch Security Notice LSN-0058-1
Posted Oct 23, 2019
Authored by Benjamin M. Romer

It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, CVE-2018-21008, CVE-2019-0136, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835, CVE-2019-2054, CVE-2019-2181, CVE-2019-3846
MD5 | aa1b2d5e0e41264715ab20ee76ffa47d
Kernel Live Patch Security Notice LSN-0056-1
Posted Sep 23, 2019
Authored by Benjamin M. Romer

Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux
advisories | CVE-2019-14835
MD5 | 4445ce7fa5ca560dafec0ff9b45ccb45
Kernel Live Patch Security Notice LSN-0055-1
Posted Sep 7, 2019
Authored by Benjamin M. Romer

It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-20856, CVE-2019-10207, CVE-2019-11478, CVE-2019-13233, CVE-2019-14283, CVE-2019-14284
MD5 | 024d77eed49a23432c14adc8f067c9ad
Kernel Live Patch Security Notice LSN-0054-1
Posted Aug 28, 2019
Authored by Benjamin M. Romer

It was discovered that the USB video device class implementation in the Linux kernel did not properly validate control bits, resulting in an out of bounds buffer read. A local attacker could use this to possibly expose sensitive information (kernel memory). It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities have also been addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux
advisories | CVE-2018-1129, CVE-2019-10126, CVE-2019-12614, CVE-2019-12818, CVE-2019-12819, CVE-2019-12984, CVE-2019-13272, CVE-2019-2101, CVE-2019-3846
MD5 | 1de971967f43f22fa4ee2b9590b93d64
Kernel Live Patch Security Notice LSN-0053-1
Posted Jul 29, 2019
Authored by Benjamin M. Romer

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2011-1079, CVE-2011-11833, CVE-2011-11884, CVE-2019-11815, CVE-2019-2054
MD5 | 5d39e34bd8b180177429a30ccd754900
Kernel Live Patch Security Notice LSN-0052-1
Posted Jun 19, 2019
Authored by Benjamin M. Romer

Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, overflow, kernel, tcp
systems | linux
advisories | CVE-2019-11477, CVE-2019-11478
MD5 | 12a0c55fcb16b10cd0ab60c500a5dbda
WordPress Themes Open Redirection 2019/03/22
Posted Mar 22, 2019
Authored by KingSkrupellos

Many WordPress themes and a plugin suffer from open redirection vulnerabilities. Age-Verification plugins version 0.5 is affected. Themes affected include Ev version 1.x, Nine-Day version 1.6, Aibbt version 1.0, itiis version 1.x, ifxPro.Cn version 5.0, 2kqq version 5.2, Azzxx version 1.2.1, BigChrome version 5.2, clsn-003 version 1.0, Concise version 2.8, TaozHuji version 5.2, UsaMusic-PC version 1.0, Wngzs version 1.0, 2018110612035976 version 1.7.3, Begin4.6 version 4.6, Begin5.2 version 5.2, Begin44 version 4.4, BeginLTS version 6, Zangai version 1.1.0, Deep version 5.4, and Wopus version 1.0.

tags | exploit, vulnerability
MD5 | d39a98e67c5ef3ee4f6894fce3540d99
MeteoTemplate 17.1 Nectarine globalSnow 1.1 Open Redirection
Posted Mar 8, 2019
Authored by KingSkrupellos

MeteoTemplate version 17.1 with Nectarine globalSnow plugin version 1.1 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 21a1c2df8e3f0bd191f7a1ea445e5e4b
Kernel Live Patch Security Notice LSN-0046-1
Posted Dec 20, 2018
Authored by Benjamin M. Romer

It was discovered that an integer overflow vulnerability existed in the CDRom driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-5753, CVE-2018-10880, CVE-2018-10902, CVE-2018-14734, CVE-2018-16276, CVE-2018-16658, CVE-2018-18445, CVE-2018-18690, CVE-2018-18710, CVE-2018-9363
MD5 | 62b6f4b7e6e1fd65e163f970baba56dc
Kernel Live Patch Security Notice LSN-0045-1
Posted Nov 16, 2018
Authored by Benjamin M. Romer

It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-13168, CVE-2018-10880, CVE-2018-16658, CVE-2018-9363
MD5 | 87ee31d5637610e40009faa55f769c6d
Kernel Live Patch Security Notice LSN-0044-1
Posted Oct 8, 2018
Authored by Benjamin M. Romer

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux
advisories | CVE-2018-14633, CVE-2018-15572, CVE-2018-15594, CVE-2018-17182, CVE-2018-3620, CVE-2018-3646, CVE-2018-6555
MD5 | 5e82c0eddd3c443fb7cd4484b02a8b65
Kernel Live Patch Security Notice LSN-0043-1
Posted Sep 11, 2018
Authored by Benjamin M. Romer

Piotr Gabriel Kosinski and Daniel Shapira discovered a stack-based buffer overflow in the CDROM driver implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Jann Horn discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep xattr information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-11412, CVE-2018-11506, CVE-2018-12233, CVE-2018-13405, CVE-2018-13406
MD5 | 15d9cf4ac6ec9024e548bcb059849043
Kernel Live Patch Security Notice LSN-0042-1
Posted Aug 14, 2018
Authored by Benjamin M. Romer

On August 14, fixes for CVE-2018-3620 and CVE-2018-3646 were released into the Ubuntu Xenial and Bionic kernels. These CVEs are security vulnerabilities caused by flaws in the design of speculative execution hardware in the computer's CPU. Researchers discovered that memory present in the L1 data cache of an Intel CPU core may be visible to other processes running on the same core.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | dfbdb00734352df26fe57ac4d26bfeac
Kernel Live Patch Security Notice LSN-0041-1
Posted Aug 10, 2018
Authored by Benjamin M. Romer

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux
advisories | CVE-2018-1094, CVE-2018-11506, CVE-2018-13094, CVE-2018-13405, CVE-2018-5390
MD5 | fc944208680854f3168be2702b530c3b
Kernel Live Patch Security Notice LSN-0040-1
Posted Jul 5, 2018
Authored by Benjamin M. Romer

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2018-1092, CVE-2018-1093, CVE-2018-3665, CVE-2018-7755
MD5 | 12dc1b657d3a63120fd299195c1684b4
Kernel Live Patch Security Notice LSN-0039-1
Posted May 28, 2018
Authored by Benjamin M. Romer

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux
advisories | CVE-2017-17862, CVE-2018-1000004, CVE-2018-1092, CVE-2018-1093, CVE-2018-8087
MD5 | b00a0d7a8bfca8dc02b44351db6c3dcc
Kernel Live Patch Security Notice LSN-0038-1
Posted May 9, 2018
Authored by Benjamin M. Romer

On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux kernel version 4.4.0-124.148. These CVEs are both related to the way that the linux kernel handles certain interrupt and exception instructions. If an interrupt or exception instruction (INT3, SYSCALL, etc.) is immediately preceded by a MOV SS or POP SS instruction, the resulting interrupt will be incorrectly handled, possibly crashing the operating system. The issue can be triggered by an unprivileged user. The fix for this problem requires modification of the interrupt descriptor tables (IDT), and modification of the interrupt handlers. Livepatch is unable to safely modify these areas, so upgrading to a corrected kernel and rebooting is required to fix the problem.

tags | advisory, kernel
systems | linux
advisories | CVE-2018-1087, CVE-2018-8897
MD5 | 2fffde47d47abae2cb1a8834a15b901f
Kernel Live Patch Security Notice LSN-0037-1
Posted May 7, 2018
Authored by Benjamin M. Romer

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-0861, CVE-2017-15129, CVE-2017-16995, CVE-2017-17448, CVE-2017-17450, CVE-2018-1000199, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043
MD5 | 70c039f34496a5cffda6c354f241701c
Kernel Live Patch Security Notice LSN-0036-1
Posted Apr 2, 2018
Authored by Benjamin M. Romer

Wi-Fi Protected Access (WPA and WPA2) allows re-installation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-13080, CVE-2017-16995
MD5 | 5db75445369ea25794ef7fbcfd8160c8
Kernel Live Patch Security Notice LSN-0035-1
Posted Feb 23, 2018
Authored by Benjamin M. Romer

On February 22, fixes for CVE-2017-5715 were released into the Ubuntu Xenial kernel version 4.4.0-116.140. This CVE, also known as "Spectre," is caused by flaws in the design of speculative execution hardware in the computer's CPU, and could be used to access sensitive information in kernel memory.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | 95a67778ff266fb5d137537edcd1a426
Kernel Live Patch Security Notice LSN-0034-1
Posted Jan 10, 2018
Authored by Benjamin M. Romer

On January 9, fixes for CVE-2017-5754 were released into the Ubuntu Xenial kernel version 4.4.0-108.131. This CVE, also known as "Meltdown," is a security vulnerability caused by flaws in the design of speculative execution hardware in the computer's CPU.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5754
MD5 | 4974c888dabe678b81c7dea7955b3a4c
Kernel Live Patch Security Notice LSN-0033-1
Posted Dec 9, 2017
Authored by Benjamin M. Romer

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-1000405, CVE-2017-15265, CVE-2017-16939
MD5 | ca77a2333d4c9ee49fdd8d0056475a48
Kernel Live Patch Security Notice LSN-0032-2
Posted Nov 29, 2017
Authored by Benjamin M. Romer

Anthony Perard discovered that the Xen virtual block driver did not properly initialize some data structures before passing them to user space. A local attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. Bo Zhang discovered that the netlink wireless configuration interface in the Linux kernel did not properly validate attributes when handling certain requests. A local attacker with the CAP_NET_ADMIN could use this to cause a denial of service (system crash). It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service (system crash). Otto Ebeling discovered that the memory manager in the Linux kernel did not properly check the effective UID in some situations. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-10911, CVE-2017-12153, CVE-2017-12154, CVE-2017-14140
MD5 | 7da09c1aeaae77a18335cfc81f24b94c
Kernel Live Patch Security Notice LSN-0032-1
Posted Nov 22, 2017
Authored by Benjamin M. Romer

Anthony Perard discovered that the Xen virtual block driver did not properly initialize some data structures before passing them to user space. A local attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. Bo Zhang discovered that the netlink wireless configuration interface in the Linux kernel did not properly validate attributes when handling certain requests. A local attacker with the CAP_NET_ADMIN could use this to cause a denial of service (system crash). It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service (system crash). Otto Ebeling discovered that the memory manager in the Linux kernel did not properly check the effective UID in some situations. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-10911, CVE-2017-12153, CVE-2017-12154, CVE-2017-14140
MD5 | 1b9f090ee2c532a7a8474bdc057dd51d
Page 1 of 3
Back123Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    17 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close