what you don't know can hurt you
Showing 1 - 25 of 5,865 RSS Feed

Kernel Files

Red Hat Security Advisory 2021-4774-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4774-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 62423bc8a4034e3fcc265b978e7bde9c
Red Hat Security Advisory 2021-4798-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4798-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 6677ccc7364dc48a8ecdabda550c469c
Red Hat Security Advisory 2021-4773-03
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4773-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 87f11f771007a6959cfb04aee9bc90b7
Red Hat Security Advisory 2021-4777-01
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4777-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 1df3563a647c43c02e1ba8a8899d1f26
Red Hat Security Advisory 2021-4779-01
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4779-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | ea9ab2e51fb7ff68de6bc3a38424035e
Linux Kernel 5.1.x PTRACE_TRACEME pkexec Local Privilege Escalation
Posted Nov 23, 2021
Authored by Ujas Dhami

Linux kernel version 5.1.x PTRACE_TRACEME pkexec local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2019-13272
MD5 | 93bf4fd882fc501f02e28d535e89918e
Red Hat Security Advisory 2021-4768-01
Posted Nov 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4768-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-3653
MD5 | ea6d0e4f074f84c1346e819a6d4be6cb
Red Hat Security Advisory 2012-4770-01
Posted Nov 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-4770-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 16205693e0dd29678e620dee016051e0
KVM SVM Out-Of-Bounds Read/Write
Posted Nov 22, 2021
Authored by Google Security Research, Felix Wilhelm

A KVM guest using SEV-ES (Secure Encrypted Virtualization - Encrypted State) can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT using the exit reason SVM_EXIT_IOIO.

tags | advisory, kernel
MD5 | 24767f69b195bc395343e5e0783896f5
DNS Cache Poisoning Attack: Resurrections With Side Channels
Posted Nov 17, 2021
Authored by Keyu Man, Zhiyun Qian, Xin'an Zhou

In this paper, the authors conduct an analysis of the previously over-looked attack surface related to DNS, and are able to uncover even stronger side channels that have existed for over a decade in Linux kernels. The side channels affect not only Linux but also a wide range of DNS software running on top of it, including BIND, Unbound and dns-masq. They also discovered that about 38% of open resolvers (by frontend IPs) and 14% (by backend IPs) are vulnerable including the popular DNS services such as OpenDNS and Quad9.

tags | paper, kernel
systems | linux
MD5 | 0b2f564378864cbd4aea7ad6ebf9bcd0
Red Hat Security Advisory 2021-4687-02
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4687-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 06129973440262186fe9c03e031eeaa5
Red Hat Security Advisory 2021-4692-02
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4692-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-3653
MD5 | 099d1ce8175e8a2b268c39f553a0b6c4
Red Hat Security Advisory 2021-4644-02
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4644-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-43267
MD5 | b7fd3be0a2f0bb33cca47315c9cdf70b
Red Hat Security Advisory 2021-4646-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4646-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-20317, CVE-2021-43267
MD5 | 80b067611093e90a297bf9cf71eafdf9
Red Hat Security Advisory 2021-4647-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4647-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-20317, CVE-2021-43267
MD5 | 7270ecee6727ad21dba82cae99882afc
Red Hat Security Advisory 2021-4645-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4645-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-43267
MD5 | 3e3b04e460116853e06766253d5bf9b2
Red Hat Security Advisory 2021-4650-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4650-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-20317, CVE-2021-28950, CVE-2021-43267
MD5 | fee387a7b52341b0df7b9ce131cf15b6
Red Hat Security Advisory 2021-4648-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4648-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-20317, CVE-2021-28950, CVE-2021-43267
MD5 | c9b93c24cdb3eb7b7d84480ed5913626
Kernel Live Patch Security Notice LSN-0082-1
Posted Nov 12, 2021
Authored by Benjamin M. Romer

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. Various other vulnerabilities were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux
advisories | CVE-2020-29660, CVE-2020-29661, CVE-2021-3444, CVE-2021-3715
MD5 | 290911e1c3d235e6f7627baffb0541ec
Ubuntu Security Notice USN-5137-2
Posted Nov 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5137-2 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possible execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-36385, CVE-2021-3428, CVE-2021-34556, CVE-2021-35477, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759
MD5 | 6462e03f35541bd5a91729fe01ed4ecd
Ubuntu Security Notice USN-5140-1
Posted Nov 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5140-1 - It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3744, CVE-2021-41864
MD5 | b90767cbc1e703cb5da81e873bdd27eb
Ubuntu Security Notice USN-5139-1
Posted Nov 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5139-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-3760, CVE-2021-41864, CVE-2021-43056, CVE-2021-43389
MD5 | 1892b563cb6e73408d2dde078efe9952
Win32k NtGdiResetDC Use-After-Free / Local Privilege Escalation
Posted Nov 10, 2021
Authored by Grant Willcox, KaLendsi, ly4k, Costin Raiu, Boris Larin, Red Raindrop Team, IronHusky | Site metasploit.com

A use after free vulnerability exists in the NtGdiResetDC() function of Win32k which can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists due to the fact that this function calls hdcOpenDCW(), which performs a user mode callback. During this callback, attackers can call the NtGdiResetDC() function again with the same handle as before, which will result in the PDC object that is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle with their own object, before passing execution back to the original NtGdiResetDC() call, which will now use the attacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the kernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\SYSTEM. This Metasploit module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions of Windows 10 will likely also work.

tags | exploit, kernel, code execution
systems | windows
advisories | CVE-2021-40449
MD5 | 98ae62353bf31ba68e3677a972b003c7
Red Hat Security Advisory 2021-4597-01
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4597-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 4cbee178a520ca574b546ddf41b6892a
Red Hat Security Advisory 2021-4140-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4140-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, heap overflow, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0427, CVE-2020-24502, CVE-2020-24503, CVE-2020-24504, CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26140, CVE-2020-26141, CVE-2020-26143, CVE-2020-26144, CVE-2020-26145, CVE-2020-26146, CVE-2020-26147, CVE-2020-29368, CVE-2020-29660, CVE-2020-36158, CVE-2020-36386, CVE-2021-0129, CVE-2021-20194, CVE-2021-20239, CVE-2021-23133, CVE-2021-28950, CVE-2021-28971, CVE-2021-29155
MD5 | 079c6c1769544376cbb35c9f98bef974
Page 1 of 235
Back12345Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close