Exploit the possiblities
Showing 1 - 25 of 4,462 RSS Feed

Kernel Files

Ubuntu Security Notice USN-3509-4
Posted Dec 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-4 - USN-3509-2 fixed vulnerabilities in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | ee7adf44f0d4c560968cb5bb9e43ee32
Ubuntu Security Notice USN-3509-3
Posted Dec 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-3 - USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | 7b0de306b43e15046d1562aa3c463ed8
MikroTik 6.40.5 Denial Of Service
Posted Dec 12, 2017
Authored by Hosein Askari

MikroTik version 6.40.5 kernel failure denial of service proof of concept exploit.

tags | exploit, denial of service, kernel, proof of concept
advisories | CVE-2017-17538
MD5 | 12c83cbcfbe3a5163c4f8fc4865dd781
macOS / iOS Kernel IOSurfaceRootUserClient Double-Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS and iOS suffer from a kernel double free vulnerability due to IOSurfaceRootUserClient not respecting MIG ownership rules.

tags | exploit, kernel
systems | cisco, ios
advisories | CVE-2017-13861
MD5 | 184f6e2345e9d5d30fb5251e4ff335fc
XNU Kernel Memory Corruption
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a memory corruption vulnerability due to an integer overflow in the __offsetof usage in posix_spawn on 32-bit platforms.

tags | exploit, overflow, kernel
advisories | CVE-2017-13876
MD5 | c638f3dbcc9363560aaf17fa6e01b0a5
macOS / iOS IOTimeSyncClockManagerUserClient Use-After-Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS / iOS suffer from multiple kernel use-after-free vulnerabilities due to incorrect IOKit object lifetime management in IOTimeSyncClockManagerUserClient.

tags | exploit, kernel, vulnerability
systems | cisco, ios
advisories | CVE-2017-13847
MD5 | 91c42e10c5af4753d52cffa762abd8ac
macOS AppleIntelCapriController::GetLinkConfig Kernel Code Execution
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.

tags | exploit, kernel, code execution
advisories | CVE-2017-13875
MD5 | 5ae7dba93f843e9011a2eeac188240d3
macOS / iOS Kernel Double Free
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

macOS and iOS suffer from a kernel double free due to incorrect API usage in flow divert socket option handling.

tags | exploit, kernel
systems | cisco, ios
advisories | CVE-2017-13867
MD5 | adea43dc13c8a03941deec88ab491ec2
XNU Kernel API Memory Disclosure
Posted Dec 12, 2017
Authored by Google Security Research, ianbeer

There is a XNU kernel memory disclosure flaw caused by a bug in the kernel API for detecting kernel memory disclosures. No, this isn't a failure at writing a description.

tags | exploit, kernel
advisories | CVE-2017-13865
MD5 | 1879d1a7c15b3f573be6ae2ceeeb63de
Kernel Live Patch Security Notice LSN-0033-1
Posted Dec 9, 2017
Authored by Benjamin M. Romer

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-1000405, CVE-2017-15265, CVE-2017-16939
MD5 | ca77a2333d4c9ee49fdd8d0056475a48
Ubuntu Security Notice USN-3507-2
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3507-2 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-15299, CVE-2017-15306, CVE-2017-15951, CVE-2017-16939
MD5 | e4e9ca45d6a9e4cece95a15bfca16c42
Ubuntu Security Notice USN-3511-1
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3511-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | 9e7a4f198355b4645387c08f75f34134
Ubuntu Security Notice USN-3510-2
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3510-2 - USN-3510-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | a759e1476a777349ca39f619d2d7e469
Ubuntu Security Notice USN-3510-1
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3510-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | c760dcb9902f64f23bb4e67232a51fbb
Ubuntu Security Notice USN-3509-2
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-2 - USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | 9992cce2660b19d70d3414673f02ab80
Ubuntu Security Notice USN-3509-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | ecebac920cb50284c6fd809011424590
Ubuntu Security Notice USN-3508-2
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3508-2 - USN-3508-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12146, CVE-2017-16939
MD5 | bc816d54ebe529dd5225953bb2b33b51
Ubuntu Security Notice USN-3508-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3508-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12146, CVE-2017-16939
MD5 | 61ffeaad7d5d235842725a3fe5d4f465
Ubuntu Security Notice USN-3507-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3507-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-15299, CVE-2017-15306, CVE-2017-15951, CVE-2017-16535, CVE-2017-16643, CVE-2017-16939
MD5 | ee6c4d967ff24654f431006a52b99e57
Linux Kernel DCCP Socket Use-After-Free
Posted Dec 7, 2017
Authored by Mohamed Ghannam

The Linux kernel suffers from a DCCP socket use-after-free vulnerability.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-8824
MD5 | cd3bda0f4bf247014b2b2b7aff568ff8
Red Hat Security Advisory 2017-3315-01
Posted Nov 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3315-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000380
MD5 | c6deefc9da0e4d1b74ae35f471f65323
Red Hat Security Advisory 2017-3368-01
Posted Nov 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3368-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: Quick Emulator, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to potentially achieve arbitrary code execution on a host.

tags | advisory, overflow, arbitrary, kernel, code execution
systems | linux, redhat
advisories | CVE-2017-14167, CVE-2017-15289
MD5 | 9474270d0ea79b3fd023bc253760072a
Huge Dirty Cow Proof Of Concept
Posted Nov 30, 2017
Authored by bindecy

This is a proof of concept for the Huge Dirty Cow vulnerability (CVE-2017-1000405). Before running, make sure to set transparent huge pages to "always" with "echo always | sudo tee /sys/kernel/mm/transparent_hugepage/enabled".

tags | exploit, kernel, proof of concept
advisories | CVE-2017-1000405
MD5 | 9d2549b018a6567383860ce3ca06d79a
Red Hat Security Advisory 2017-3295-01
Posted Nov 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3295-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000380
MD5 | 337af38a963b49cab2ac004afdca7cc8
Red Hat Security Advisory 2017-3322-01
Posted Nov 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3322-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000380
MD5 | cc374bcc224e6f2ca3a852bedb45c95c
Page 1 of 179
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close