Red Hat Security Advisory 2016-2133-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
37c030bbcf1cd6e45a1b8825b9a5094acebdd82a48b955df8a2df108e41be8e2
Red Hat Security Advisory 2016-2128-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation.
064109d1f9097273e59a95ac536bdb2ed8465248b5e65eb33343f64e67309daa
Red Hat Security Advisory 2016-2076-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.
6bae7f24e59ae8d9804491e44f28a64f6dba1d6ca0ae8933e059b905c9c951b8
Red Hat Security Advisory 2016-2074-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.
211ff6324147cd5d6e78cc99ed7c543902711980e783ba11bb9ddb0f06682e31
Red Hat Security Advisory 2016-2006-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system.
32ce72b5b458c557f4ab3d50ce8702dedabed061461192aef785dc0d826191e4
Red Hat Security Advisory 2016-1657-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.
4043f793bb96834574d7f4614976b19cff587e4500e977d8646b0c4f8fcb4824
Ubuntu Security Notice 3050-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest Various other issues were also addressed.
25d3e707bc3e04dc34cc4046ae0bd60268ea7d5bb3ac12b317f68afd34cc10d8
Ubuntu Security Notice 3051-1 - It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after a n error condition occurred. A local attacker could use this to cause a denial of service. Kangjie Lu discovered an information leak in the netlink implementation of the Linux kernel. A local attacker could use this to obtain sensitive information from kernel memory. Various other issues were also addressed.
6a2979ef146941bff45ef030836a1ac3c64a52306361f465ba3afdff4daf283a
Ubuntu Security Notice 3057-1 - Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
030e1271bb7566a819d82ae5638f21d1a8b8bbeb3b2002fca12d928335283dcb
Ubuntu Security Notice 3056-1 - Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
5a5993fff7c587291f866734e6a557eea74f65989a06449853d48bcfa78b8f7d
Ubuntu Security Notice 3054-1 - Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a deni al of service. Various other issues were also addressed.
986a7a499ec97cecc4959f3265ef183088e85d94ade8531bcecc680ad7399f86
Ubuntu Security Notice 3055-1 - Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
cf8c4be620feb49866d70f13c5c9925d654ba881ecacc4029183bc41fcb626f0
Ubuntu Security Notice 3053-1 - A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
868205ccfbb5b02685dc08d99775077c773f785d462ef9352d2b3cec71ffebc3
Ubuntu Security Notice 3049-1 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code with administrative privileges. Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest Various other issues were also addressed.
2b1009ae36d1ddcfe36aada07f3b8fd8c1364c30c25979dfd492e6fd7e67f232
Ubuntu Security Notice 3052-1 - It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service. Kangjie Lu discovered an information leak in the netlink implementation o f the Linux kernel. A local attacker could use this to obtain sensitive information from kernel memory. Various other issues were also addressed.
b8de8320f66e8abd1152325a365a4aade72e43e9d61f7e60e750b220bdff2663
Red Hat Security Advisory 2016-1539-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory.
a0ebfcaea69e03370b97678ac5b2af09385693a06588a694af826744d11bfd62
Red Hat Security Advisory 2016-1532-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
ae0ec067d76f883f07ac5ae1dac7a6ee3601b9b24f9fbd3814d99d690ead6941
Red Hat Security Advisory 2016-1541-03 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
993b6f46bf8ef0fd9c20f5a4cd5b31000f1cfdfbbebb96d3af8403e94e254c62
Debian Linux Security Advisory 3607-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
0d223b304d17753a1ce52094557c77094582be1a5339c862d34ee91a630a21d9