Posted by Ralf Spenneberg on Nov 15
OS-S Security Advisory 2016-22
Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read
Date:
October 31th, 2016
Authors:
Sergej Schumilo, Ralf Spenneberg
CVE:
Not yet assigned
CVSS:
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Severity:
Critical
Ease of Exploitation:
Trivial
Vulnerability Type:
Memory Corruption / SLAB-Out-of-Bounds Read
Abstract:
Mounting a crafted EXT4 image read-only leads to a memory corruption and
SLAB-Out-of-Bounds…
Posted by Ralf Spenneberg on Nov 15
OS-S Security Advisory 2016-21
Local DoS: Linux Kernel Nullpointer Dereference via keyctl
Date:
October 31th, 2016
Authors:
Sergej Schumilo, Ralf Spenneberg, Hendrik Schwartke
CVE:
Not yet assigned
CVSS:
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Severity:
Potentially critical. If the kernel is compiled with the option
“Panic-On-Oops”, this vulnerability may lead to a kernel panic.
Ease of Exploitation:
Trivial
Vulnerability Type:
Local unprivileged…
Posted by Hector Marco on Nov 15
Hello All,
Affected package
—————-
Cryptsetup <= 2:1
CVE-ID
——
CVE-2016-4484
Description
———–
A vulnerability in Cryptsetup, concretely in the scripts that unlock the
system partition when the partition is ciphered using LUKS (Linux
Unified Key Setup).
This vulnerability allows to obtain a root initramfs shell on affected
systems. The vulnerability is very reliable because it doesn’t depend on
specific systems or…
Posted by Hector Marco-Gisbert on Nov 15
Hello,
We have found that systems that use Dracut instead of initramfs are
also vulnerables (tested on Fedora 24 x86_64).
Regards,
Hector Marco & Ismael Ripoll.
Posted by Berend-Jan Wever on Nov 15
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I’ve not released before. This is the
eleventh entry in that series. Unfortunately I won’t be able to publish
everything within one month at the current rate, so I may continue to
publish these through December and January.
The below information is available in more detail on my blog at
http://blog.skylined.nl/20161115001.html.
Follow me on…
Red Hat Enterprise Linux: New devtoolset-6-gcc packages are now available as a part of Red Hat Developer
Toolset 6.0 for Red Hat Enterprise Linux.
Red Hat Enterprise Linux: New devtoolset-6-dwz packages are now available as a part of Red Hat Developer
Toolset 6.0 for Red Hat Enterprise Linux.
Red Hat Enterprise Linux: New devtoolset-6-oprofile packages are now available as a part of Red Hat
Developer Toolset 6.0 for Red Hat Enterprise Linux.
Red Hat Enterprise Linux: Updated rh-java-common packages that fix several bugs and add various
enhancements are now available as a part of Red Hat Software Collections 2.3 for
Red Hat Enterprise Linux.
Red Hat Enterprise Linux: New devtoolset-6-valgrind packages are now available as a part of Red Hat
Developer Toolset 6.0 for Red Hat Enterprise Linux.