accept no compromises
Showing 1 - 25 of 4,327 RSS Feed

Kernel Files

Kernel Live Patch Security Notice LSN-0028-1
Posted Aug 18, 2017
Authored by Benjamin M. Romer

Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload (UFO) code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | c8908f6bf286f4cf4b1a6341a51852ff
Ubuntu Security Notice USN-3392-2
Posted Aug 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3392-2 - USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 71a7bad1735ab6a1d89a1c1236820999
Ubuntu Security Notice USN-3392-1
Posted Aug 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3392-1 - USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | ffd40fa2f174465003ab0558d699709a
Red Hat Security Advisory 2017-2473-01
Posted Aug 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2473-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-7533
MD5 | 300a51c3b0bb68bdb691e21e4b603d92
Red Hat Security Advisory 2017-2472-01
Posted Aug 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2472-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | 85197e3a27dd0afd28517a1be5f61b2d
Ubuntu Security Notice USN-3386-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3386-2 - USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | 245b433e13a5564b7156e05c3370eec7
Ubuntu Security Notice USN-3386-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3386-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | db8abfde2995ca9573a601d639910c06
Ubuntu Security Notice USN-3385-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3385-2 - USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | 2947313225a541781e5aabb22f271277
Ubuntu Security Notice USN-3385-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3385-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | 886c3cfff8afc1ebc53f5aee4a8b5521
Ubuntu Security Notice USN-3384-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3384-2 - USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | 3ec3aa7eb60579646c105eee729ff405
Ubuntu Security Notice USN-3384-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3384-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
MD5 | e47cc57a0e9397738e976643425f72c4
Demystifying Windows Kernel Exploitation By Abusing GDI Objects
Posted Aug 8, 2017
Site sensepost.com

Demystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.

tags | exploit, x86, kernel
systems | windows, 7
MD5 | 52d4377ede9d242df50d7a38f59a4d4d
Red Hat Security Advisory 2017-2445-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2445-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: Quick Emulator built with the Network Block Device Server support is vulnerable to a crash via a SIGPIPE signal. The crash can occur if a client aborts a connection due to any failure during negotiation or read operation. A remote user/process could use this flaw to crash the qemu-nbd server resulting in a DoS.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-10664
MD5 | 43bb53d12066e56d74c119ad177111c2
Red Hat Security Advisory 2017-2444-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2444-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-8970, CVE-2016-10200, CVE-2017-2647
MD5 | b37271f08ac53a5639eecacc57a5bf6d
Red Hat Security Advisory 2017-2437-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2437-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-8970, CVE-2016-10200, CVE-2017-2647, CVE-2017-8797
MD5 | 0684f5486bf12c5610fea042bfa7176e
Red Hat Security Advisory 2017-2429-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2429-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | f71322cade25b77a58a8859b0716b214
Ubuntu Security Notice USN-3381-2
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-2 - USN-3381-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. Various other issues were also addressed.

tags | advisory, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
MD5 | 872f12a9aea55423ef4a6ad59dc44a44
Ubuntu Security Notice USN-3381-1
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-1 - Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
MD5 | 23e15cb3b383412d96b020c0af37f828
Red Hat Security Advisory 2017-2428-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2428-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | 68ac7fee5c0a8124c5e62324600092fd
Debian Security Advisory 3927-1
Posted Aug 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3927-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-10911, CVE-2017-11176, CVE-2017-7346, CVE-2017-7482, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-9605
MD5 | 5e3f1d4849e961f4980564d78956a77b
Linux Kernel 4.12 Race Condition
Posted Aug 4, 2017
Authored by Shixiong Zhao, Fan Wu

A race condition was found in the Linux kernel versions 3.14-rc1 through 4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. The next slab data or the slab's free list pointer can be corrupted with attacker-controlled data as a result of the race.

tags | advisory, kernel
systems | linux
MD5 | d3c514577c869fcd2c3f13e0f2db0986
Kernel Live Patch Security Notice LSN-0027-1
Posted Aug 4, 2017
Authored by Benjamin M. Romer

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-7533
MD5 | 2c08f5ef5e1bba5027586f30d1c6777f
Ubuntu Security Notice USN-3378-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-2 - USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 83be044752437775050f88aee02fa689
Ubuntu Security Notice USN-3378-1
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-1 - Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 9db31ba17dfb34a4396c9ced31bc3759
Ubuntu Security Notice USN-3377-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3377-2 - USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 7252455e3ef2d532a9738ece9b403104
Page 1 of 174
Back12345Next

File Archive:

August 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    30 Files
  • 3
    Aug 3rd
    20 Files
  • 4
    Aug 4th
    17 Files
  • 5
    Aug 5th
    4 Files
  • 6
    Aug 6th
    2 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    18 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    24 Files
  • 11
    Aug 11th
    10 Files
  • 12
    Aug 12th
    3 Files
  • 13
    Aug 13th
    3 Files
  • 14
    Aug 14th
    10 Files
  • 15
    Aug 15th
    16 Files
  • 16
    Aug 16th
    18 Files
  • 17
    Aug 17th
    15 Files
  • 18
    Aug 18th
    17 Files
  • 19
    Aug 19th
    15 Files
  • 20
    Aug 20th
    11 Files
  • 21
    Aug 21st
    15 Files
  • 22
    Aug 22nd
    15 Files
  • 23
    Aug 23rd
    13 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close