Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
Linux Kernel KVM KVM_ASSIGN_PCI_DEVICE IOCTL Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to KVM not properly restricting the KVM_ASSIGN_PCI_DEVICE IOCTL, which can be exploited to stop PCI devices from working by sending specially crafted IOCTLs.
Linux Kernel "igmp_heard_query()" Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "igmp_heard_query()" function (net/ipv4/igmp.c) and can be exploited to cause a kernel crash via specially crafted IGMP queries.
Linux Kernel "xfs_acl_from_disk()" Integer Overflow Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an integer overflow within the "xfs_acl_from_disk()" function (fs/xfs/xfs_acl.c) and can be exploited to corrupt kernel memory.
Successful exploitation requires physical access to systems that automatically mount inserted media devices or that a user is tricked into mounting a malicious filesystem (e.g. USB drives).
Linux Kernel DRM "drm_mode_dirtyfb_ioctl()" Integer Overflow Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
The vulnerability is caused due to an integer overflow error within the "drm_mode_dirtyfb_ioctl()" function (drivers/gpu/drm/drm_crtc.c) and can be exploited to cause a memory corruption by sending specially crafted IOCTLs.
Linux Kernel KVM "syscall" Emulation Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
The vulnerability is caused due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on certain CPU models, which can be exploited to e.g. crash 32bit guest machines and potentially cause 64bit guest machines to behave incorrectly by running a specially crafted executable.
Linux Kernel "/proc/<pid>/mem" Privilege Escalation Vulnerability
Quote:
A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to the kernel not properly restricting access to the "/proc/<pid>/mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.
Linux Kernel "__split_huge_page()" Race Condition Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
The vulnerability is caused due to a race condition when handling PMD table entries after a "bad pmd" occurs and can be exploited to cause a kernel crash.
Linux Kernel "ext4_fill_flex_info()" Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "ext4_fill_flex_info()" function in fs/ext4/super.c when mounting a file system and can be exploited to cause a division by zero.
Linux Kernel NFSv4 Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when handling certain NFSv4 responses to ACL attribute requests and can be exploited to e.g. cause a crash by connecting to a malicious NFSv4 server.
Linux Kernel Huge Pages Memory Leak Denial of Service Vulnerability
Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to a memory leak within the handling of huge pages and can be exploited to exhaust available memory resulting in various processes being terminated and a kernel panic.
Successful exploitation requires the kernel to be configured with the CONFIG_HUGETLB_PAGE feature.