[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4266-1 linux -- linux

ID: oval:org.secpod.oval:def:603479Date: (C)2018-08-07   (M)2018-09-13
Class: PATCHFamily: unix




Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-5390 Juha-Matti Tilli discovered that a remote attacker can trigger the worst case code paths for TCP stream reassembly with low rates of specially crafted packets leading to remote denial of service. CVE-2018-13405 Jann Horn discovered that the inode_init_owner function in fs/inode.c in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.

Platform:
Debian 9.x
Product:
linux-image-4.9
Reference:
DSA-4266-1
CVE-2018-5390
CVE-2018-13405
CVE    2
CVE-2018-5390
CVE-2018-13405
CPE    6
cpe:/a:linux:linux_image:4.9
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies