exploit the possibilities
Showing 1 - 25 of 5,639 RSS Feed

Kernel Files

Ubuntu Security Notice USN-4917-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4917-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3492, CVE-2021-3493
MD5 | a63c6add6b05cf17bc9226159741c86f
Ubuntu Security Notice USN-4916-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 51ebf05c69b14b4b5df3a811f767345a
Ubuntu Security Notice USN-4915-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4915-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3492, CVE-2021-3493
MD5 | e276699a6921d022e5692c101be674d3
Red Hat Security Advisory 2021-1206-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1206-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 390532b6ce55a0e44ef5ab6f18499ef8
Ubuntu Security Notice USN-4912-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4912-1 - Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-0465, CVE-2020-0466, CVE-2020-14351, CVE-2020-14390, CVE-2020-25285, CVE-2020-25645, CVE-2020-25669, CVE-2020-27830, CVE-2020-36158, CVE-2021-20194, CVE-2021-29154, CVE-2021-3178, CVE-2021-3411
MD5 | 1bded3d10c58ff192a0d70e344750ce6
Ubuntu Security Notice USN-4911-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4911-1 - It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service. Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25639, CVE-2021-28038, CVE-2021-28375, CVE-2021-28950
MD5 | 17a8d3f50ac352ee2cdc57eebb059c80
Ubuntu Security Notice USN-4909-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4909-1 - Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service. Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schoenherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-20194, CVE-2021-26930, CVE-2021-26931, CVE-2021-3348
MD5 | 11c485ca84d2ebfc2048c3feb0913e4e
Ubuntu Security Notice USN-4910-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4910-1 - Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. It was discovered that the BPF verifier in the Linux kernel did not properly handle signed add32 and sub integer overflows. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-20239, CVE-2021-20268, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348
MD5 | d7eb415bed1a211e71edee6d90a8ed16
Ubuntu Security Notice USN-4907-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4907-1 - Wen Xu discovered that the xfs file system implementation in the Linux kernel did not properly validate the number of extents in an inode. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service. It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-13095, CVE-2021-3347, CVE-2021-3348
MD5 | 2715302b59fea77c929d49d3d104d3c0
Ubuntu Security Notice USN-4904-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4904-1 - Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered that the video4linux driver for Hauppauge HD PVR USB devices in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1350, CVE-2017-16644, CVE-2017-5967, CVE-2018-13095, CVE-2019-16231, CVE-2019-16232, CVE-2019-19061, CVE-2021-20261, CVE-2021-26930, CVE-2021-26931, CVE-2021-28038
MD5 | 6b027bc7155bd5704a852358599f76f9
Red Hat Security Advisory 2021-1171-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | fd7794f9e030733f853b32bf9bf1cdfb
Red Hat Security Advisory 2021-1173-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1173-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27364, CVE-2021-27365
MD5 | 29a39411f8522d68c66a87c24114b782
Red Hat Security Advisory 2021-1145-01
Posted Apr 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1145-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 5a8992527f5a06417d8b841c91b0cbf1
Linux Kernel 5.4 BleedingTooth Remote Code Execution
Posted Apr 8, 2021
Authored by Andy Nguyen

Linux kernel version 5.4 BleedingTooth bluetooth zero-click proof of concept remote code execution exploit.

tags | exploit, remote, kernel, code execution, proof of concept
systems | linux
advisories | CVE-2020-12351, CVE-2020-12352
MD5 | 11e39065cefe8b6ef7461c14faa79210
iOS / macOS Radio Proximity Kernel Memory Corruption
Posted Apr 7, 2021
Authored by Google Security Research, ianbeer

A radio proximity kernel memory corruption vulnerability exists in iOS and macOS due to bad state machine in BSS steering.

tags | exploit, kernel
systems | ios
advisories | CVE-2020-3843, CVE-2020-9906
MD5 | 5ff730e5556e80e223e58b23eca60fa1
Kernel Live Patch Security Notice LSN-0075-1
Posted Apr 7, 2021
Authored by Benjamin M. Romer

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux
advisories | CVE-2020-27170, CVE-2020-27171, CVE-2020-29372, CVE-2020-29374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3444
MD5 | 485d57e139e0096fac110f9ec89736de
Ubuntu Security Notice USN-4901-1
Posted Apr 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4901-1 - Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | b8d1d869928353cf7b3b1efb89dd3c8d
Red Hat Security Advisory 2021-1093-01
Posted Apr 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1093-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-27152, CVE-2020-28374, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | 5cd97afb5849f42c3e9017765e17a37f
Red Hat Security Advisory 2021-1081-01
Posted Apr 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1081-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-27152, CVE-2020-28374, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3347
MD5 | c13387ded30e131eec84c0c8bae119e8
Red Hat Security Advisory 2021-1071-01
Posted Apr 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1071-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | bfa99c9a1f3bdb9d91c6b78bc7db931f
Red Hat Security Advisory 2021-1069-01
Posted Apr 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1069-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27364, CVE-2021-27365
MD5 | 245bb001794052bc35268640547d848e
Red Hat Security Advisory 2021-1070-01
Posted Apr 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 1484f5eeb720f261b753dfefe6dfa22c
Red Hat Security Advisory 2021-1064-01
Posted Apr 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1064-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-20295
MD5 | 5463f44ff29d090a9cf47a6338cb0a2c
Red Hat Security Advisory 2021-1031-01
Posted Mar 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1031-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-29661
MD5 | c18725798b8082e7ed3966e8fd3b2915
Red Hat Security Advisory 2021-1028-01
Posted Mar 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1028-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-29661
MD5 | 7a6a4232ecdfbb13deb06982fc3f361b
Page 1 of 226
Back12345Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close