Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
9e5eb976874c7a13fcf2a71119849f5abece485528a92084501d9c7e0d3b4529Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
34a94982b76fcf3016ad9300e411ab551524f8a6c02eabf3f898b8ddead1ea42Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
31e38156376a835ffc709b182640e466f408748254c682079bd97014d15edd09Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
c0ab1228ff9631c40f7ba7a67ebe0cb98a66d5194f5937e26da67792d764f154Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
96ca21e4a6fbf36094a1c99d4ceb2665e0649aa6c0b3203d07006f3ecd6f20caRed Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
cf6e33390d694bb53f2f32d9cb0d66189b0b8ed1a6a942e9a47676d2b3102f56Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCreateProcessContext that leads to a stack buffer overflow.
0d419f34140c82908299252d3794e80651aedada14ee132d75462cbcf8700e96Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInformationThread that leads to an arbitrary write.
17303e9dc06042a7d7b761657e3f97ac797834b1b9703bc726107b814b22b014This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels Against KASLR.
359dac8448d7ce433fa3541cbb436c20ba5d34c9e0efb99cd95d1c887c779304Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
86435dbd1e42e1cb6babcb7c70863a0ed35c27cc178b52ec0cd6a1f94cb358cdUbuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
2348dfa67ffc549ba9ae3c52fded90704b226cc905290d9d0c8793bb8506cba7Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
186243d4c27faa63ab8d52c327cc0396d841121b76a1d45b444edac2801ebb9aRed Hat Security Advisory 2024-2008-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include null pointer and use-after-free vulnerabilities.
f6604872f9738f90d793a14dc674b87d1138b1ddd1b1eb98840861eb73a98907Red Hat Security Advisory 2024-2006-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include null pointer and use-after-free vulnerabilities.
92b8892766becabc268bb4cead897720601f1c2d2aaa2e4e2cf4014debd0e83eRed Hat Security Advisory 2024-2004-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer and use-after-free vulnerabilities.
e2a9e7575ecfd8a0b9813e82fbc8048a14cbca6b30b6e9ce56f005e6994ad8feRed Hat Security Advisory 2024-2003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer and use-after-free vulnerabilities.
4804a43ffba4b6317981e06f2ed0609904d5ccecf29eabc8ea285586701fe7f1Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
ad9c04adbcdee9be436a8df29d9d071201aa865ba8141b9946f2a4e52cb9ffe9Ubuntu Security Notice 6743-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
5e5f229563e3c429730da05f62649d804fe5fcc3df71db82f33e6fe0ba5299c1Ubuntu Security Notice 6742-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
234102586def229a208c315fa397cd1db7c7bc4c31eab695d1718ef42f88ce93Ubuntu Security Notice 6741-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
c6b3855c5a30ae98458ae3e5b1858440f9d4c3d136432f67ecdd3beeeb05fc11Ubuntu Security Notice 6740-1 - Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that the virtio network implementation in the Linux kernel did not properly handle file references in the host, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
444f68d723cc469e212afdb8cada5cf6504c7f71ead1646805559424b443f87eUbuntu Security Notice 6739-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
5f4dadac1f0ffbad1948bc44ea21d9526e86681e856c3a3cb7fb406e90965bf4Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
9e10ada3ddb528acb9ccbcfdd5961551f172a10a3b49d7e80a65876978d4f1f1Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.
acea5cb9cd1b6c350fd4c7a2ed9b9beb19ec417f14f50e1f89fe7aea71333885Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
3db2b9f4e0af541aa428e404d176897254826c7b0bc083b76e4ff77025a7d43a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed