what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2012-4565

Status Candidate

Overview

The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.

Related Files

Ubuntu Security Notice USN-1704-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1704-2 - USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532
SHA-256 | e9e792aadc97786927427c783a1b1572627f4f272916fcaa582f0780c5890272
Ubuntu Security Notice USN-1704-1
Posted Jan 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1704-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532, CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532
SHA-256 | cee34c70ba2a3639f0d2c6c944ab8c33eaab079317385ea3e05356964547c138
Red Hat Security Advisory 2012-1580-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1580-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RHSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use, a local, unprivileged user could trigger this flaw and cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, redhat
advisories | CVE-2012-2100, CVE-2012-2375, CVE-2012-4444, CVE-2012-4565, CVE-2012-5517
SHA-256 | 957596f7bcdc61679ba3f425db589377b65fa466ef93391d0d3a1cc7386991f1
Ubuntu Security Notice USN-1653-1
Posted Dec 4, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1653-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
SHA-256 | 25dbc32f4481135cb784c26cf3323fd9be5f2611d4444404eaf7b8702ea2e461
Red Hat Security Advisory 2012-1491-01
Posted Dec 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1491-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way Netlink messages without SCM_CREDENTIALS data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink message to appear as if it were sent with root privileges. A local, unprivileged user could use this flaw to send spoofed Netlink messages to an application, possibly resulting in the application performing privileged operations if it relied on SCM_CREDENTIALS data for the authentication of Netlink messages.

tags | advisory, kernel, local, root, spoof
systems | linux, redhat
advisories | CVE-2012-0957, CVE-2012-2133, CVE-2012-3400, CVE-2012-3430, CVE-2012-3511, CVE-2012-3520, CVE-2012-4508, CVE-2012-4565
SHA-256 | 9fc196ee7e1a6d99be88df166bba11b7dfc2a6af8804a850b507161ce71b9c93
Ubuntu Security Notice USN-1652-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1652-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | e2ab2490ada83b444a66c52183f126e16e8175d3cffdad175af3f948c4a2e280
Ubuntu Security Notice USN-1651-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1651-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
SHA-256 | 050be699e44be98ae2ca0aff99370d56139223bf52fe876c8f83644c51ece493
Ubuntu Security Notice USN-1650-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1650-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
SHA-256 | ea0d826ac97c808d41bf039a736c91d3f83693af9097f54d42f504187da73d53
Ubuntu Security Notice USN-1649-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1649-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 50d96a46ae540807a3cbac6d9da2f0a742defbec6c2aeb63630420490e1280e4
Ubuntu Security Notice USN-1648-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1648-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 4eb660e26fd88a32afdbb6f4745741f275f50287259f53e6fcf824c0f62ee4ce
Ubuntu Security Notice USN-1647-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1647-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | bc7bae042dda4167991eaaa3aba4772592c4a371088803032bf38ec4fc7d8f3b
Ubuntu Security Notice USN-1646-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1646-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | e417f1d428863d8eb7268db89617f507396def202c65c7aa89768f7915d5e0be
Ubuntu Security Notice USN-1645-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1645-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 4d3dae198ecc5f0fab30ae0aa3248050f97447564d01f2bdf33aa7274130728c
Ubuntu Security Notice USN-1644-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1644-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 5a24998d89af0c468b0e5534c8e4d28d186288d82114644816fad0f143a37bfb
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close