Download
| Alert*
oval:org.secpod.oval:def:1600346
Perception Point Research identified a use-after-free vulnerability, representing a local privilege escalation vulnerability in the Linux kernel. Their post contains a detailed analysis of the bug.kernel-4.1.13-19.30.amzn1 and earlier versions are impacted. oval:org.secpod.oval:def:110082 The kernel meta package oval:org.secpod.oval:def:400704 The SUSE Linux Enterprise 12 SP1 kernel was updated to receive a security fix. Following security bug was fixed: - A reference leak in keyring handling with join_session_keyring could lead to local attackers gain root privileges. . oval:org.secpod.oval:def:1501311 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501316 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501314 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501318 Several flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of ser ... oval:org.secpod.oval:def:1501319 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:110113 The kernel meta package oval:org.secpod.oval:def:702939 linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:52674 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702938 linux-lts-vivid: Linux hardware enablement kernel from Vivid The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:52676 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:400678 The SUSE Linux Enterprise 12 kernel was updated to receive a security fix. Following security bug was fixed: - A reference leak in keyring handling with join_session_keyring could lead to local attackers gain root privileges. . oval:org.secpod.oval:def:702936 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:52675 linux-lts-wily: Linux hardware enablement kernel from Wily The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:203832 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the Linux kernel"s key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring function. A local, unprivileged u ... oval:org.secpod.oval:def:501754 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the Linux kernel"s key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring function. A local, unprivileged u ... oval:org.secpod.oval:def:52678 linux-lts-vivid: Linux hardware enablement kernel from Vivid The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702931 linux-lts-utopic: Linux hardware enablement kernel from Utopic The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:602340 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service. CVE-2013-4312 Tetsuo Handa discovered that it is possible for a process to open far more files than the process" limit leading to denial-of-service conditions. CVE-2015-7566 ... oval:org.secpod.oval:def:702935 linux-lts-wily: Linux hardware enablement kernel from Wily The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702934 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702933 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702932 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:1501326 A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. |