exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 126 - 150 of 14,698 RSS Feed

Local Files

Ubuntu Security Notice USN-6502-3
Posted Nov 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6502-3 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-25775, CVE-2023-31085, CVE-2023-45871, CVE-2023-5090, CVE-2023-5345
SHA-256 | da2732a3a740d4fca2ae7b8f3b2c756f10e54524b9befd3f0a32d934e89d8c5f
Ubuntu Security Notice USN-6502-2
Posted Nov 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6502-2 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-25775, CVE-2023-31085, CVE-2023-45871, CVE-2023-5090, CVE-2023-5345
SHA-256 | 3844c5b07f62a7f21e7da4b17678c476911376d85f2c2699a0fd527b28dae8a9
Ubuntu Security Notice USN-6516-1
Posted Nov 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6516-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-25775, CVE-2023-31083, CVE-2023-31085, CVE-2023-3772, CVE-2023-45871
SHA-256 | e7ba5ff6d6d35068a385124ee99fb4cdf9ca4e686d62ac89918e057c43160a7b
Ubuntu Security Notice USN-6514-1
Posted Nov 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6514-1 - It was discovered that Open vSwitch did not correctly handle OpenFlow rules for ICMPv6 Neighbour Advertisement packets. A local attacker could possibly use this issue to redirect traffic to arbitrary IP addresses.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-5366
SHA-256 | aa3fc5fdd98437b425313813d038d5f08499ac9370740d8a56cb41943df59290
Gentoo Linux Security Advisory 202311-05
Posted Nov 25, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202311-5 - Multiple vulnerabilities have been discovered in LinuxCIFS utils, the worst of which can lead to local root privilege escalation. Versions greater than or equal to 6.15 are affected.

tags | advisory, local, root, vulnerability
systems | linux, gentoo
advisories | CVE-2022-27239, CVE-2022-29869
SHA-256 | 2df3a244ab0a653e6ab0651e00d597833f4a9040f9e8b554d3af1aa0e1eab561
Ubuntu Security Notice USN-6503-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-4244, CVE-2023-5090, CVE-2023-5345, CVE-2023-5633
SHA-256 | f49422348439f73d6b38b42749f79884cebe5eadebb4f303ea755ef60d55b31d
Ubuntu Security Notice USN-6502-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6502-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-25775, CVE-2023-31085, CVE-2023-45871, CVE-2023-5090, CVE-2023-5345
SHA-256 | 8b281c71f5499aa0d9babf8be280fa9bfb686118750a8a2f47909b213297ce1d
Ubuntu Security Notice USN-6496-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6496-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-25775, CVE-2023-31085, CVE-2023-45871
SHA-256 | fdc60d8e003a09f361ff5ac07a415ab8ebfa403348d5e5c0f06215ad1ca095ce
Ubuntu Security Notice USN-6495-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6495-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-45871
SHA-256 | 0038b4a53931aed559aad4f7b7dc878297fdaf2901ec90a9d676eb3e2302139e
Ubuntu Security Notice USN-6494-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6494-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42754, CVE-2023-45862, CVE-2023-45871, CVE-2023-5717
SHA-256 | b8155c22b0aee7834c05ed29a1774d0847591054fd409c28e4a01741d747e025
Ubuntu Security Notice USN-6489-1
Posted Nov 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6489-1 - Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-1672
SHA-256 | 2724168d9400370e70a75b1ac8a5bba75de31f472f668121cf09fd02fe969e3c
Ubuntu Security Notice USN-6485-1
Posted Nov 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6485-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang , gain access to sensitive information or possibly escalate their privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-23583
SHA-256 | 34400a8514f637a776a7cfed865888aec2c25dbd2d4592b6ab4923b2c7175934
Ubuntu Security Notice USN-6479-1
Posted Nov 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6479-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-42756, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 63c0269498e600237d2db184b27c1d9c8e2f53de021504a5eb35c0e5d4cf5b21
TOR Virtual Network Tunneling Tool 0.4.8.9
Posted Nov 14, 2023
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This is another security release fixing a high severity bug affecting onion services which is tracked by TROVE-2023-006.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 59bb7d8890f6131b4ce5344f3dcea5deb2182b7f4f10ff0cb4e4d81f11b2cf65
Android mtk_jpeg Driver Race Condition / Privilege Escalation
Posted Nov 14, 2023
Authored by Google Security Research, Seth Jenkins

A race condition in the Android mtk_jpeg driver can lead to memory corruption and potential local privilege escalation.

tags | exploit, local
advisories | CVE-2023-32832
SHA-256 | b9bbc877dec293cdae380289c906920975d5c1e2eb6ec78818aa966c315357ce
Ubuntu Security Notice USN-6465-3
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6465-3 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31083, CVE-2023-3772
SHA-256 | 5bf6952e8660d03e5c815358443efb598d8acc647e8be58c7accc9d18d79a075
Ubuntu Security Notice USN-6462-2
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6462-2 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0597, CVE-2023-31083, CVE-2023-3772, CVE-2023-4132
SHA-256 | 4c16f3fdcebfc5b44dc509e5a5feb0ff4952b6fea4797784253d2182ab528765
WordPress WP Rocket 2.10.3 Local File Inclusion
Posted Nov 13, 2023
Authored by Paulos Yibelo, E1.Coders

This is a script that checks the WordPress WP Rocket plugin to see if it is a version vulnerable to local file inclusion.

tags | advisory, local, file inclusion
SHA-256 | c3229af0a58a90826c202f67b9967c50d32d7265ad9cc923c136a59dbeebe883
Ubuntu Security Notice USN-6454-4
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6454-4 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-42756, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | d106e7f44ee54f4bbeecf2fb55ec1b0b011a941ee34426fe8343f5b99f460698
Ubuntu Security Notice USN-6465-2
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6465-2 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31083, CVE-2023-3772
SHA-256 | 9ad3d2e06ee7207b97418e7c861060687a7290c2d202f84ed8dba5950df2f16d
Ubuntu Security Notice USN-6454-3
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6454-3 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-42756, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 89e91b33a137b6e1cfd9be710f78c20e2f7644c5167ba6fed34963fe1ff1733d
Ubuntu Security Notice USN-6465-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6465-1 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31083, CVE-2023-3772
SHA-256 | 3954c478beefaa189b4c7e799d750ac68a0c6196b6383f57af0a9f7fa49f5968
Ubuntu Security Notice USN-6464-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6464-1 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31083, CVE-2023-3772, CVE-2023-38430, CVE-2023-38432, CVE-2023-3863, CVE-2023-3865, CVE-2023-3866, CVE-2023-3867, CVE-2023-4132, CVE-2023-4134, CVE-2023-44466
SHA-256 | 5d36859870429796a0315a6b5f9275dba8f9003e640e3bff729044abb499c962
Ubuntu Security Notice USN-6462-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6462-1 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0597, CVE-2023-31083, CVE-2023-3772, CVE-2023-4132
SHA-256 | e35c00e54afdaf6fa41cf3726741036ae7a9fc376ca95ccc4451805eb74ea686
Ubuntu Security Notice USN-6461-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6461-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-34324, CVE-2023-39189, CVE-2023-4244, CVE-2023-42754, CVE-2023-4921, CVE-2023-5345
SHA-256 | f8740a5eb1f34579bfa81fa7e581cd1a70b404dfe0f903ddc342a4642aaedf3f
Page 6 of 588
Back45678Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close