Red Hat Security Advisory 2013-1645-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
97d65ec407c60f5d7fb845675304c446d1888daf065dc7d8976e4e16c33033abRed Hat Security Advisory 2013-1034-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Information leaks in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space. An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization security feature.
34121c82d03fd50f83ba71ea63684236a7136524febb537bcf818b837e55a165Ubuntu Security Notice 1882-1 - Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Various other issues were also addressed.
18f860d32ffeb032bd1144854bf0e161f2340320da8039ec6381f98604a9bc2eUbuntu Security Notice 1881-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.
8e65cc1062bc15c589787f9d1f6787a38e54a3eac0cdb039d2a6e76a56f92352Ubuntu Security Notice 1880-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. Various other issues were also addressed.
80c1944a6fe727a9ecbe1de5b6a4c5f0c12de2baaab465d1efd8c6aaa419b901Ubuntu Security Notice 1879-1 - Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. Various other issues were also addressed.
1c3ecd77d4143079e7c7df7f41d484fa02e23b0c552fe0663d9c1d0a64d272f3Ubuntu Security Notice 1878-1 - An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. A flaw was discovered in the Linux kernel's perf events subsystem for Intel Sandy Bridge and Ivy Bridge processors. A local user could exploit this flaw to cause a denial of service (system crash). Various other issues were also addressed.
223ac43b65f7cec8dd19c93cc238ada7f5bc8988fa2619242e58e518af0df071Ubuntu Security Notice 1877-1 - Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.
664f8dd42098daff23ab037e3fc2fe893b486fba3c9ae90ce65c103f83f06adbUbuntu Security Notice 1876-1 - Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.
b0bcd07769ce523797619d01e9fb9358efd25a1ad660480c9ba650a4b8c228e2Ubuntu Security Notice 1837-1 - An information leak was discovered in the Linux kernel's crypto API. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. Various other issues were also addressed.
a149e6791afe53949e5c21b09601ee39e3868e3706f7403265a6e6902dba012bRed Hat Security Advisory 2013-0829-01 - Security fixes: It was found that the kernel-rt update RHBA-2012:0044 introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. A public exploit for CVE-2013-2094 that affects Red Hat Enterprise MRG 2 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update.
00fadee46a5e7a81db412e709a930a32fe89a5061478a9d3640649e6c28b0cc4Debian Linux Security Advisory 2669-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
bcfe3afbb4182656ff4cebf2d30b08f1bd994ad473bc4830c1ed33aa786d930e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed