Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Linux Kernel FASYNC Use-After-Free Privilege Escalation Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to a use-after-free error within the handling of file descriptors with the FASYNC flag set. This can be exploited to e.g. cause a crash or execute arbitrary code with kernel privileges.
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
The vulnerabilities are caused due to various problems related to "do_mremap()" and "MREMAP_FIXED", which can be exploited to e.g. cause a system crash on certain architectures.
Linux Kernel 64bit Personality Handling Denial of Service
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when setting the personality of a process, which can be exploited to cause a kernel crash by e.g. executing a 64bit application with a missing ELF interpreter out of a 32bit application and causing a segmentation fault.
Successful exploitation requires a 64bit system and may also require that core dumps are enabled.
Linux Kernel connector Denial of Service Security Issue
Quote:
A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The security issue is caused due to an error within the notification code in drivers/connector/connector.c, which can be exploited to trigger an out-of-memory condition.
Linux Kernel KVM "pit_ioport_read()" Denial of Service
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a KVM guest to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "pit_ioport_read()" function in arch/x86/kvm/i8254.c, which can be exploited to e.g. crash the KVM host by reading from the "/dev/port" device in a KVM guest.
Successful exploitation may require root privileges in the KVM guest.
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and potentially gain escalated privileges.
1) A vulnerability is caused due to the "do_pages_move()" function in mm/migrate.c not properly verifying the node values received from userspace, which can be exploited to cause a crash or disclose memory via a specially crafted "move_pages" system call.
2) A vulnerability is caused due to a NULL pointer dereference error within the "wake_futex_pi()" function in kernel/futex.c, which can be exploited to cause a crash and potentially gain escalated privileges.
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users in a KVM guest to cause a DoS (Denial of Service) and potentially gain escalated privileges.
The vulnerabilities are caused due to KVM's x86 code emulation functionality not properly checking CPL and IOPL privileges, which can be exploited to execute arbitrary code with escalated privileges.
Linux Kernel USB Information Disclosure and Denial of Service
Quote:
A weakness and a vulnerability have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information.
1) The vulnerability is caused due to the "processcompl()" and "processcompl_compat()" functions in drivers/usb/core/devio.c potentially returning kernel memory content to userspace processes, which can be exploited to e.g. disclose potentially sensitive information.
2) The weakness is caused due to a memory leak when handling certain error cases in drivers/usb/core/devio.c, which can be exploited to e.g. cause a DoS due to memory exhaustion.
Note: Successful exploitation requires access to USB userspace devices.
Linux Kernel TCP RTO Calculation Denial of Service
Quote:
A vulnerability has been reported in the Linux kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when calculating retransmission timeouts (RTO), which can be exploited to e.g. cause a high CPU and network load on an affected system.
Successful exploitation may require that TCP timestamps are disabled.
The vulnerability is reported in the 2.6.32.x kernel tree.
Linux Kernel hda-intel Driver "azx_position_ok()" Denial of Service
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to a division by zero within the "azx_position_ok()" function in sound/pci/hda/hda_intel.c, which can be exploited to crash the system.
Note: Successful exploitation may require that the hda-intel driver is used.
The vulnerability is reported in version 2.6.32.7 and 2.6.33-rc6 on a system using the AMD780V chipset. Other versions may also be affected.
Linux Kernel Video Output Status Denial of Service
Quote:
A security issue has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The security issue is caused due to an error while reading the status of video output devices on certain ThinkPad platforms. This can be exploited to cause a kernel crash by reading data from /proc/acpi/ibm/video.
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "l2cap_config_rsp()" function in net/bluetooth/l2cap.c, which can be exploited to cause a kernel crash by sending a specially crafted packet.
Linux Kernel r128 NULL Pointer Dereference Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
The vulnerability is caused due an error in several r128 IOCTL handlers and can be exploited to trigger a NULL-pointer dereference via certain IOCTLs.
Linux Kernel "cifs_create()" NULL Pointer Dereference
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to a NULL-pointer dereference error within the "cifs_create()" function in fs/cifs/dir.c. This can be exploited to cause a crash when a file without an associated "nameidata" structure is created.
The vulnerability is reported in version 2.6.29-rc6 and later.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.