OVAL

ALAS-2016-669 ---- kernel perf

ID: oval:org.secpod.oval:def:1600366
Date: (C)2016-05-19   (M)2023-12-07
Class: PATCH
Family: unix




When running as a Xen 64-bit PV guest, user-mode processes that are not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes, or in-guest information leaks.

In some cases, the kernel did not correctly fix backward jumps in a new eBPF program, which could allow arbitrary reads.

The kernel incorrectly accounted for the number of in-flight fds over a unix domain socket to the original opener of the file descriptor. Another process could arbitrarily deplete the original file opener's maximum open files resource limit.

A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptor exhaustion.

Platform:
Amazon Linux AMI
Product:
kernel
perf
Reference:
ALAS-2016-669
CVE-2016-3157
CVE-2016-2847
CVE-2016-2550
CVE-2016-2383
CPE    5
cpe:/o:amazon:linux
cpe:/o:linux:linux_kernel:4.4.8
cpe:/o:linux:linux_kernel:4.5.0:rc7
cpe:/o:linux:linux_kernel
...

© SecPod Technologies