HP Security Bulletin HPSBGN03565 1 - A vulnerability in the Linux kernel was addressed by HPE Virtualization Performance Viewer. The vulnerability could be exploited locally to allow Denial of Service (DoS). Revision 1 of this advisory.
99c40fd384bf32a773b21eee76dfbdc695a46c41dfb88f5edec091d406f3ac30Red Hat Security Advisory 2016-0224-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
00ab730508d67ce6b518ba890134a1d1d8898a4574f922bc1006d89b31f85489Red Hat Security Advisory 2016-0212-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
b771c9eefb04a0bae6b27307e6c6f3a2e4d927b2ee673b81a19677837f66263cRed Hat Security Advisory 2016-0185-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
1a2e527298ad69b36cf3c97378fa9634fd9b0bc9ef66a9c4a6fdf6769fb4a7cfUbuntu Security Notice 2840-2 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash).
24c157bc5fb11507b05110e988d7bc8ac2a3a57436e0dee3534be4d8df1784a6Ubuntu Security Notice 2843-3 - =E9=83=AD=E6=B0=B8=E5=88=9A discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
49334a6b730ea953bb24db7899076e4caa9a090dbe9937e4c72b50efb8cce3a4Ubuntu Security Notice 2843-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
c5e55d2c73f862fc096ea1440ff05f9e135387c9eb19edd0e68e6a85dc021481Ubuntu Security Notice 2843-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
f479df664dd8312e1d62280d98193f75f0d711e3ff7b1a9290dd88a9b27a19bcUbuntu Security Notice 2840-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. Various other issues were also addressed.
80fb709cf813138ac610699be9a980c35f20439568f9d3a1af1dc62faaed2bb6Red Hat Security Advisory 2015-2636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.
4c9d3dc7b4a5862f13ddb25c6fe1d7ed8bae4329d542c363dd404d810e5e5967Ubuntu Security Notice 2829-2 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
5e4f710da8e8bbf54975fb1576d44e7ff897febc80e10c3dce85fa2a8b83ab06Ubuntu Security Notice 2829-1 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
e5abdf2008e62ef43b3ae503e90de529e5809783c88d0f8c0761fc3ccbd0f5fdUbuntu Security Notice 2826-1 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
a46cac37588ee91b5f88a74d036718a72a40eb593bde4fc8fd7dd5be31746a37Ubuntu Security Notice 2824-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash).
7db7a7fae1c43f0a5515c9f7cba84ce7e29596eab26c0f8629bd42187783f008Ubuntu Security Notice 2823-1 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
b571488b07c4a6634118c61047b479fdea699b8487c5473f9b60f7ecedacf73dDebian Linux Security Advisory 3396-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.
57b221cf0f2e7a2aa4558d8d243981e0dfe2d84128caace2acf4863b4c84035f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed