Monthly Archives: February 2017

Full Disclosure

Call for Papers: FIRST Amsterdam Technical Colloquium (TC) April 2017

Posted by Jeff Bollinger on Feb 07

We would like to announce a “Save the Date” and “Call for Speakers” for
the annual FIRST Amsterdam Technical Colloquium (TC). The main event,
hosted by Cisco Systems in Amsterdam, Netherlands will be a plenary
style conference held on the 25th and 26th of April 2017. We are also
offering an optional, free, training on Monday April 24th.

The event website: https://www.first.org/events/colloquia/amsterdam2017

Event…

NVD

CVE-2016-10044

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

NVD

CVE-2014-9914

Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.