what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2016-2384

Status Candidate

Overview

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

Related Files

Linux Kernel 3.x usb-midi Local Privilege Escalation
Posted May 12, 2017
Authored by Andrey Konovalov

Linux kernel version 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) double-free usb-midi SMEP local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux, fedora, ubuntu
advisories | CVE-2016-2384
SHA-256 | e7882ec726796b90a0e6bf5db2b33500a6997e2fba0c1e07b3cf8985646d15b1
Red Hat Security Advisory 2017-0817-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0817-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-10088, CVE-2016-10142, CVE-2016-2069, CVE-2016-2384, CVE-2016-6480, CVE-2016-7042, CVE-2016-7097, CVE-2016-8399, CVE-2016-9576
SHA-256 | 597c633d164dd5b659055724a7f94dfa6104bd1ddf58babc8fd4e61d37290908
Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | 88a2bd8c0f30988120dd0ca735846a15c63a1e9c06edc72ce61959751724fbc4
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | a58b7b5d58e92d5a084026c53f5461e431441e86891787922c799b50ae4376ed
Ubuntu Security Notice USN-2930-3
Posted Mar 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2930-3 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-8767, CVE-2016-0723, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3135
SHA-256 | 707b4c115844dc4faebd1fec2fb66e92b60bc56880df0b10e6b9c05bdd62934a
Ubuntu Security Notice USN-2932-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2932-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-4312, CVE-2015-7566, CVE-2015-7833, CVE-2015-8767, CVE-2016-0723, CVE-2016-2069, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2782, CVE-2016-3134
SHA-256 | 421e9b597b70eb12baf1034ebec4b0f03c77c60ff4b5609c4b1772fba3fc09e2
Ubuntu Security Notice USN-2931-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2931-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-4312, CVE-2015-8767, CVE-2016-2069, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-3134
SHA-256 | 6bc8eb0e863f5ff313e1303d61fb180c1611348de244e844ea6a7c11d6d95665
Ubuntu Security Notice USN-2930-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2930-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-8767, CVE-2016-0723, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3135
SHA-256 | ed1c28d1f6926b5c4e80d7b1b903f009cbd310cf3df495217bf6754b73d4b552
Ubuntu Security Notice USN-2930-2
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2930-2 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-8767, CVE-2016-0723, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3135
SHA-256 | 784ffb71077a2e0d18d41c091e7b0b99dbbca2a74a4e518c63a09f12ca39889c
Ubuntu Security Notice USN-2928-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2928-1 - Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-2384
SHA-256 | db84bdcc9caad691623d082ad1ea4b919567f3705dbb31fda1345c4c69a24489
Ubuntu Security Notice USN-2929-2
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2929-2 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-4312, CVE-2015-7566, CVE-2015-7833, CVE-2016-0723, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2782, CVE-2016-3134
SHA-256 | bba28e71e6033f96152af947621cf4933d97e21957cc2f1f70e31e20ab20f622
Ubuntu Security Notice USN-2929-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2929-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-4312, CVE-2015-7566, CVE-2015-7833, CVE-2016-0723, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2782, CVE-2016-3134
SHA-256 | 74db26f13d1ccc003a0c966de150041aa382179ecd7ddc90dd8983e9af63a533
Ubuntu Security Notice USN-2928-2
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2928-2 - Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-2384
SHA-256 | 0548ba874506e42d15a13b5b301f1959e1ec7b5fd2d22c19353fda781c5a77b3
Debian Security Advisory 3503-1
Posted Mar 4, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3503-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-4312, CVE-2015-7566, CVE-2015-8767, CVE-2015-8785, CVE-2015-8812, CVE-2015-8816, CVE-2015-8830, CVE-2016-0723, CVE-2016-0774, CVE-2016-2069, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2550
SHA-256 | 25d671ba26bfc929fa9034f00895f1f88acf0c87420ac9187d367f3130e8b078
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close