Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:58:27 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1715349233&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Kernel%20Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Ftags%2Fkernel%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1715349233.1338191907.1338191907.1338191907.1%3B%2B__utmz%3D32867617.1338191907.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113049/USN-1454-1.txt http://packetstormsecurity.org/files/113049/USN-1454-1.txt http://packetstormsecurity.org/files/113049/Ubuntu-Security-Notice-USN-1454-1.html Fri, 25 May 2012 21:02:04 GMT Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. http://packetstormsecurity.org/files/113034/USN-1453-1.txt http://packetstormsecurity.org/files/113034/USN-1453-1.txt http://packetstormsecurity.org/files/113034/Ubuntu-Security-Notice-USN-1453-1.html Fri, 25 May 2012 20:08:29 GMT Ubuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/113033/USN-1452-1.txt http://packetstormsecurity.org/files/113033/USN-1452-1.txt http://packetstormsecurity.org/files/113033/Ubuntu-Security-Notice-USN-1452-1.html Fri, 25 May 2012 20:08:16 GMT Ubuntu Security Notice 1452-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/113019/sa49191.txt http://packetstormsecurity.org/files/113019/sa49191.txt http://packetstormsecurity.org/files/113019/Secunia-Security-Advisory-49191.html Thu, 24 May 2012 02:20:28 GMT Secunia Security Advisory - A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112911/USN-1448-1.txt http://packetstormsecurity.org/files/112911/USN-1448-1.txt http://packetstormsecurity.org/files/112911/Ubuntu-Security-Notice-USN-1448-1.html Tue, 22 May 2012 00:25:24 GMT Ubuntu Security Notice 1448-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/112903/RHSA-2012-0676-01.txt http://packetstormsecurity.org/files/112903/RHSA-2012-0676-01.txt http://packetstormsecurity.org/files/112903/Red-Hat-Security-Advisory-2012-0676-01.html Tue, 22 May 2012 00:19:59 GMT Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host. http://packetstormsecurity.org/files/112931/sa49149.txt http://packetstormsecurity.org/files/112931/sa49149.txt http://packetstormsecurity.org/files/112931/Secunia-Security-Advisory-49149.html Mon, 21 May 2012 05:56:38 GMT Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112929/sa49262.txt http://packetstormsecurity.org/files/112929/sa49262.txt http://packetstormsecurity.org/files/112929/Secunia-Security-Advisory-49262.html Mon, 21 May 2012 05:56:32 GMT Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112894/sa49187.txt http://packetstormsecurity.org/files/112894/sa49187.txt http://packetstormsecurity.org/files/112894/Secunia-Security-Advisory-49187.html Mon, 21 May 2012 04:17:49 GMT Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112846/USN-1445-1.txt http://packetstormsecurity.org/files/112846/USN-1445-1.txt http://packetstormsecurity.org/files/112846/Ubuntu-Security-Notice-USN-1445-1.html Fri, 18 May 2012 14:07:47 GMT Ubuntu Security Notice 1445-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed. http://packetstormsecurity.org/files/112791/PRE-SA-2012-03.txt http://packetstormsecurity.org/files/112791/PRE-SA-2012-03.txt http://packetstormsecurity.org/files/112791/Linux-Kernel-HFS-Plus-Buffer-Overflow.html Wed, 16 May 2012 23:25:02 GMT PRE-CERT Security Advisory - The Linux kernel contains a vulnerability in the driver for HFS plus file systems that may be exploited for code execution or privilege escalation. A specially-crafted HFS plus filesystem can cause a buffer overflow via the memcpy() call of hfs_bnode_read() (in fs/hfsplus/bnode.c). http://packetstormsecurity.org/files/112768/sa49178.txt http://packetstormsecurity.org/files/112768/sa49178.txt http://packetstormsecurity.org/files/112768/Secunia-Security-Advisory-49178.html Wed, 16 May 2012 02:00:44 GMT Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/RHSA-2012-0670-01.txt http://packetstormsecurity.org/files/112731/Red-Hat-Security-Advisory-2012-0670-01.html Tue, 15 May 2012 21:57:32 GMT Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities. http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/RHSA-2012-0571-01.txt http://packetstormsecurity.org/files/112730/Red-Hat-Security-Advisory-2012-0571-01.html Tue, 15 May 2012 21:57:17 GMT Red Hat Security Advisory 2012-0571-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's journal_unmap_buffer() function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A local, unprivileged user on a KVM host could use this flaw to crash the host. http://packetstormsecurity.org/files/112629/dsa-2469-1.txt http://packetstormsecurity.org/files/112629/dsa-2469-1.txt http://packetstormsecurity.org/files/112629/Debian-Security-Advisory-2469-1.html Fri, 11 May 2012 15:50:53 GMT Debian Linux Security Advisory 2469-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. http://packetstormsecurity.org/files/112587/CORE-2011-1123.txt http://packetstormsecurity.org/files/112587/CORE-2011-1123.txt http://packetstormsecurity.org/files/112587/Windows-Kernel-ReadLayoutFile-Heap-Overflow.html Thu, 10 May 2012 04:13:47 GMT Core Security Technologies Advisory - There is a bug in the ReadLayoutFile Windows Kernel function that can be leveraged into a local privilege escalation exploit, potentially usable in a client-side attack scenario or after a remote intrusion by other means. http://packetstormsecurity.org/files/112576/video_entropyd-2.0.tgz http://packetstormsecurity.org/files/112576/video_entropyd-2.0.tgz http://packetstormsecurity.org/files/112576/Video-Entropyd-2.0.html Thu, 10 May 2012 03:45:21 GMT video-entropyd is a program to add entropy data from video4linux devices to the kernel random driver. http://packetstormsecurity.org/files/112534/USN-1440-1.txt http://packetstormsecurity.org/files/112534/USN-1440-1.txt http://packetstormsecurity.org/files/112534/Ubuntu-Security-Notice-USN-1440-1.html Wed, 09 May 2012 00:18:13 GMT Ubuntu Security Notice 1440-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/112533/USN-1432-1.txt http://packetstormsecurity.org/files/112533/USN-1432-1.txt http://packetstormsecurity.org/files/112533/Ubuntu-Security-Notice-USN-1432-1.html Wed, 09 May 2012 00:17:44 GMT Ubuntu Security Notice 1432-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was discovered in the Linux kernel's cifs file system. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. A flaw was found in the Linux kernel's ext4 file system when mounting a corrupt filesystem. A user-assisted remote attacker could exploit this flaw to cause a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/112528/sa48889.txt http://packetstormsecurity.org/files/112528/sa48889.txt http://packetstormsecurity.org/files/112528/Secunia-Security-Advisory-48889.html Tue, 08 May 2012 04:17:28 GMT Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/112479/vmware-backdoor.txt http://packetstormsecurity.org/files/112479/vmware-backdoor.txt http://packetstormsecurity.org/files/112479/VMware-Backdoor-Response-Uninitialized-Memory-Potential-VM-Break.html Sun, 06 May 2012 01:39:42 GMT The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven. In the event that arbitrary code execution in the VMX process is possible, kernel privileges can be obtained on a Windows host by abusing the VMX process's special access to a VMware driver, meaning the maximum possible impact of this vulnerability is elevation from unprivileged guest code execution to host kernel code execution. http://packetstormsecurity.org/files/112409/win32k-dos.txt http://packetstormsecurity.org/files/112409/win32k-dos.txt http://packetstormsecurity.org/files/112409/Microsoft-Windows-XP-Win32k.sys-Denial-Of-Service.html Wed, 02 May 2012 21:06:58 GMT Microsoft Windows XP Win32k.sys local kernel denial of service exploit. http://packetstormsecurity.org/files/112356/USN-1433-1.txt http://packetstormsecurity.org/files/112356/USN-1433-1.txt http://packetstormsecurity.org/files/112356/Ubuntu-Security-Notice-USN-1433-1.html Tue, 01 May 2012 21:33:57 GMT Ubuntu Security Notice 1433-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/112355/USN-1431-1.txt http://packetstormsecurity.org/files/112355/USN-1431-1.txt http://packetstormsecurity.org/files/112355/Ubuntu-Security-Notice-USN-1431-1.html Tue, 01 May 2012 21:33:44 GMT Ubuntu Security Notice 1431-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Various other issues were also addressed. http://packetstormsecurity.org/files/112351/RHSA-2012-0531-01.txt http://packetstormsecurity.org/files/112351/RHSA-2012-0531-01.txt http://packetstormsecurity.org/files/112351/Red-Hat-Security-Advisory-2012-0531-01.html Tue, 01 May 2012 21:32:23 GMT Red Hat Security Advisory 2012-0531-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.