Exploit the possiblities
Showing 1 - 25 of 4,565 RSS Feed

Kernel Files

Kernel Live Patch Security Notice LSN-0035-1
Posted Feb 23, 2018
Authored by Benjamin M. Romer

On February 22, fixes for CVE-2017-5715 were released into the Ubuntu Xenial kernel version 4.4.0-116.140. This CVE, also known as "Spectre," is caused by flaws in the design of speculative execution hardware in the computer's CPU, and could be used to access sensitive information in kernel memory.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | 95a67778ff266fb5d137537edcd1a426
Ubuntu Security Notice USN-3583-2
Posted Feb 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3583-2 - USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153, CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140, CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115, CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450, CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344
MD5 | 31d9ad4299f2ef96b20bed7917d8b10e
Ubuntu Security Notice USN-3583-1
Posted Feb 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3583-1 - It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153, CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140, CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115, CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450, CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-5754, CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344
MD5 | 72f5ce45fa98483fb5383129af775873
Ubuntu Security Notice USN-3581-3
Posted Feb 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3581-3 - Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code, Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-15115, CVE-2017-17712, CVE-2017-8824
MD5 | f52899fcabafc11193cef9acc4823a7a
Debian Security Advisory 4120-1
Posted Feb 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4120-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2017-13166, CVE-2017-5715, CVE-2017-5754, CVE-2018-5750
MD5 | 87f0dca6b1b225ebfb15055fac6299cf
Debian Security Advisory 4121-1
Posted Feb 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4121-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.

tags | advisory, kernel
systems | linux, debian
MD5 | 87245a623ef26fdd0d572d9e12848b6f
Ubuntu Security Notice USN-3582-2
Posted Feb 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3582-2 - USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8952, CVE-2017-12190, CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824
MD5 | 587cb9ef4fb21c7488d73d97033aa051
Ubuntu Security Notice USN-3582-1
Posted Feb 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3582-1 - Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Laurent Guerby discovered that the mbcache feature in the ext2 and ext4 filesystems in the Linux kernel improperly handled xattr block caching. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8952, CVE-2017-12190, CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824
MD5 | 7c867a8643606e86327bf1724e3a46da
Ubuntu Security Notice USN-3581-2
Posted Feb 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3581-2 - USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824
MD5 | 7fdede0e39ae00638778b9bf284ef71d
Ubuntu Security Notice USN-3581-1
Posted Feb 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3581-1 - Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code, Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824
MD5 | 5dd450ca1fbdd3139e2d0a7cecf19bc3
Windows Kernel win32k!fnHkINLPMSLLHOOKSTRUCT Memory Disclosure
Posted Feb 22, 2018
Authored by Google Security Research, mjurczyk

The 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!fnHkINLPMSLLHOOKSTRUCT (via user-mode callback).

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0810
MD5 | f2649d29716451a098dfbf661fbfbe0a
Windows Kernel win32k!SfnINLPHELPINFOSTRUCT Memory Disclosure
Posted Feb 22, 2018
Authored by Google Security Research, mjurczyk

The 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!SfnINLPHELPINFOSTRUCT (via user-mode callback).

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0810
MD5 | 27c78eb28b55312aa2809afbc0d3b311
Windows Kernel win32k!fnHkINLPMOUSEHOOKSTRUCTEX Memory Disclosure
Posted Feb 22, 2018
Authored by Google Security Research, mjurczyk

The 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!fnHkINLPMOUSEHOOKSTRUCTEX (via user-mode callback).

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0810
MD5 | 51df2fe0cf72e749bba708e2ea83d84a
Windows Kernel win32k!SfnINOUTLPWINDOWPOS Memory Disclosure
Posted Feb 22, 2018
Authored by Google Security Research, mjurczyk

The 64-bit Windows kernel suffers from a pool memory disclosure vulnerability in win32k!SfnINOUTLPWINDOWPOS (via user-mode callback).

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0810
MD5 | 9c567298b0ec80585c4b62f8cb2074d5
Windows Kernel Double Fetches
Posted Feb 22, 2018
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from double fetches in win32kfull!xxxImeWindowPosChanged and win32kfull!InternalRebuildHwndListForIMEClass.

tags | advisory, kernel
systems | windows
advisories | CVE-2018-0809
MD5 | cda157a63a505b6dc3e57ec6e5981c51
Ubuntu Security Notice USN-3580-1
Posted Feb 21, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3580-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 5cd5f937c9a4f68d07be05dca40f5d41
Windows Kernel nt!RtlpCopyLegacyContextX86 Stack Memory Disclosure
Posted Feb 20, 2018
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from a nt!RtlpCopyLegacyContextX86 stack memory disclosure vulnerability.

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0832
MD5 | 377dfc9711b87f3d2d74deede52a59ef
Debian Security Advisory 4117-1
Posted Feb 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4117-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.

tags | advisory, kernel
systems | linux, debian
MD5 | 769be64f1b789883b6bd010a9e171ba7
Red Hat Security Advisory 2018-0292-01
Posted Feb 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | 45f9b9030ba7dd1e43a55cdeb2d12c06
macOS AppleEmbeddedOSSupportHostClient::registerNotificationPort Use-After-Free
Posted Feb 8, 2018
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a use-after-free issue due to a lack of locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort.

tags | exploit, kernel
advisories | CVE-2018-4083
MD5 | ea0f5075fd72108cc6b63fbdbbf36665
Ubuntu Security Notice USN-3561-1
Posted Feb 8, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3561-1 - It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows libvirt to expose new CPU features added by microcode updates to guests. On amd64 and i386, new CPU models that match the updated microcode features were added with an -IBRS suffix. Certain environments will require guests to be switched manually to the new CPU models after microcode updates have been applied to the host. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | 723edcb7a6f5e9a9cddff2b48c964a2f
Ubuntu Security Notice USN-3560-1
Posted Feb 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3560-1 - It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64, i386, and s390x. On amd64 and i386, new CPU models that match the updated microcode features were added with an -IBRS suffix. Certain environments will require guests to be switched manually to the new CPU models after microcode updates have been applied to the host. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | a056895c22dbc010426c5ff911cbe55c
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Feb 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-5715
MD5 | a2f7f31b04b7a4504cf6f62ee6bd733e
Apport / ABRT chroot Privilege Escalation
Posted Feb 3, 2018
Authored by Tavis Ormandy, Brendan Coles, StA(c)phane Graber, Ricardo F. Teixeira | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by invoking the default coredump handler inside a namespace ("container"). Apport versions 2.13 through 2.17.x before 2.17.1 on Ubuntu are vulnerable, due to a feature which allows forwarding reports to a container's Apport by changing the root directory before loading the crash report, causing 'usr/share/apport/apport' within the crashed task's directory to be executed. Similarly, Fedora is vulnerable when the kernel crash handler is configured to change root directory before executing ABRT, causing 'usr/libexec/abrt-hook-ccpp' within the crashed task's directory to be executed. In both instances, the crash handler does not drop privileges, resulting in code execution as root. This Metasploit module has been tested successfully on Apport 2.14.1 on Ubuntu 14.04.1 LTS x86 and x86_64 and ABRT on Fedora 19 and 20 x86_64.

tags | exploit, x86, kernel, root, code execution
systems | linux, fedora, ubuntu
advisories | CVE-2015-1318
MD5 | 1dc9fd5c90665c8934d2712e757240c3
Jailbreaking iOS 11.1.2 - An Adventure Into The XNU Kernel
Posted Feb 2, 2018
Authored by Bryce Berchell

Jailbreaking iOS 11.1.2 - An adventure into the XNU kernel.

tags | paper, kernel
systems | ios
MD5 | 93e70d65ed87ce7a4df0216aea36e705
Page 1 of 183
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close