CVE-2016-9637 Red Hat Update for Xen Security (RHSA-2016:2963)

漏洞类别:RedHat

漏洞等级:

漏洞信息

Xen is a virtual machine monitor

An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)

漏洞危害

A privileged guest user/process could use this flaw to potentially escalate their privileges on a host.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:2963 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:2963: Red Hat Enterprise Linux

0day

CVE-2016-7117 Red Hat Update for Kernel Security (RHSA-2016:2962)

漏洞类别:RedHat

漏洞等级:

漏洞信息

The kernel packages contain the Linux kernel, the core of any Linux operating system.

A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)

漏洞危害

On successful exploitation it allows remote attackers to corrupt memory and may allow execution of arbitrary code.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:2962 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:2962: Red Hat Enterprise Linux

上一篇:CVE-2016-9579

0day

CVE-2016-9636 Oracle Enterprise Linux Security Update for gstreamer-plugins-good (ELSA-2016-2975)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for gstreamer-plugins-good to fix the vulnerabilities.

Affected Products:
Oracle Linux 6

漏洞危害

Successful exploitation of the vulnerabilities may allow an remote attacker to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 6 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2975: Oracle Linux 6

0day

CVE-2016-9445Oracle Enterprise Linux Security Update for gstreamer-plugins-bad-free (ELSA-2016-2974)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for gstreamer-plugins-bad-free to fix the vulnerabilities.

Affected Products:
Oracle Linux 6

漏洞危害

Sucessful exploitation may cause information leakage.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 6 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2974: Oracle Linux 6

0day

CVE-2016-9899 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2016-2973)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for thunderbird to fix the vulnerabilities.

Affected Products:
Oracle Linux 7
Oracle Linux 6

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 7 Oracle Linux 6 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2973: Oracle Linux 7

ELSA-2016-2973: Oracle Linux 6

0day

CVE-2016-1248 Oracle Enterprise Linux Security Update for vim (ELSA-2016-2972)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for vim to fix the vulnerabilities.

Affected Products:
Oracle Linux 7
Oracle Linux 6

漏洞危害

Successful exploitation may lead to the execution of arbitrary code

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 7 Oracle Linux 6 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2972: Oracle Linux 7

ELSA-2016-2972: Oracle Linux 6

0day

CVE-2016-9637 Oracle Enterprise Linux Security Update for xen (ELSA-2016-2963)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for xen to fix the vulnerabilities.

Affected Products:
Oracle Linux 5

漏洞危害

A privileged guest user/process could use this flaw to potentially escalate their privileges on a host.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 5 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2963: Oracle Linux 5

0day

CVE-2016-7117 Oracle Enterprise Linux Security Update for (ELSA-2016-2962-1)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for elsa-2016-2962-1 important: oracle linux 5 kernel to fix the vulnerabilities.

Affected Products:
Oracle Linux 5

漏洞危害

On successful exploitation it allows remote attackers to corrupt memory and may allow execution of arbitrary code.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 5 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2962: Oracle Linux 5

ELSA-2016-2962

0day

CVE-2016-3710 CentOS Security Update for kvm (CESA-2016:1943)

漏洞类别:CentOS

漏洞等级:

漏洞信息

CentOS has released security update for kvm to fix the vulnerabilities.

Affected Products:

centos 5

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 5 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

CESA-2016:1943: centos 5

0day

Adobe Animate Memory Corruption Vulnerability (APSB16-38)

漏洞类别:Local

漏洞等级:

漏洞信息

Design interactive animations with cutting-edge drawing tools and publish them to multiple platforms with Adobe Animate.

This update resolves a critical memory corruption vulnerability (CVE-2016-7866).

Affected Version
Adobe Animate 15.2.1.95 and earlier versions

漏洞危害

On successful exploitation an attacker can gain access of memory to perform malicious activity.

解决方案

Vendor has release update to address this vulnerability. Refer to APSB16-38

Patch:
Following are links for downloading patches to fix the vulnerabilities:

APSB16-38: Windows

APSB16-38: MAC OS X

0day

CVE-2016-7887 Adobe ColdFusion Builder Information Disclosure Vulnerability (APSB16-44)

漏洞类别:Local

漏洞等级:

漏洞信息

Adobe ColdFusion Builder an IDE that can be used to build applications for ColdFusion.

Adobe ColdFusion Builder is exposed to a information disclosure vulnerability (CVE-2016-7887).

Affected Products:
Adobe ColdFusion Builder 2016 Update 2 and earlier versions.
Adobe ColdFusion Builder 3.0.3 and earlier versions.

漏洞危害

Successfully exploiting this vulnerability might allow an attacker to get system sensitive information.

解决方案

Vendor has released updated versions of software to fix this vulnerability. Further more information can be obtained fromAPSB16-44

Patch:
Following are links for downloading patches to fix the vulnerabilities:

APSB16-44

0day

CVE-2016-6213 Ubuntu Security Notification for Linux Vulnerabilities (USN-3162-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel’s mount table.

It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dereference a null pointer.

It was discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets.

It was discovered that the TCP implementation in the Linux kernel mishandles socket buffer (skb) truncation.

It was discovered that the keyring implementation in the Linux kernel improperly handled crypto registration in conjunction with successful key- type registration.

It was discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data.

漏洞危害

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213)

An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the KVM host. (CVE-2016-8630)

A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633)

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8645)

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9313)

A remote attacker could use this to cause a denial of service (system crash). (CVE-2016-9555)

0day

CVE-2015-8964 Ubuntu Security Notification for Linux Vulnerabilities (USN-3161-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

A use-after-free condition in the TTY implementation in the Linux kernel.

It was discovered that the Video For Linux Two (v4l2) implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioctl().

It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel’s mount table.

It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dereference a null pointer.

It was discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets.

It was discovered that the TCP implementation in the Linux kernel mishandles socket buffer (skb) truncation.

It was discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data.

漏洞危害

A local attacker could use this to expose sensitive information (kernel memory). (CVE-2015-8964)

A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-4568)

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213)

An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the KVM host. (CVE-2016-8630)

A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633)

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8645)

A remote attacker could use this to cause a denial of service (system crash). (CVE-2016-9555)

0day

CVE-2016-6213 Ubuntu Security Notification for Linux Vulnerabilities (USN-3160-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel’s mount table.

It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow.

漏洞危害

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213)

A local attacker could use this to expose sensitive information (kernel memory). (CVE-2016-7916)

0day

CVE-2016-7916 Ubuntu Security Notification for Linux Vulnerability (USN-3159-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow.

漏洞危害

A local attacker could use this to expose sensitive information (kernel memory).

0day

Debian Security Update for php-ssh2 (DSA 3732-2)

漏洞类别:Debian

漏洞等级:

漏洞信息

Debian has released security update for php-ssh2 to fix the vulnerabilities.

漏洞危害

If only DSA-3732-1 is installed, it can cause segfaults in php-ssh2.

解决方案

Refer to Debian security advisory DSA 3732-2 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

DSA 3732-2: Debian

0day

CVE-2016-2123 Ubuntu Security Notification for Samba Vulnerabilities (USN-3158

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that the ndr_pull_dnsp_nam function in Samba contained an integer overflow.

It was discovered that Samba clients always requested a forwardable ticket when using Kerberos authentication.

It was discovered that Kerberos PAC validation implementation in Samba contained multiple vulnerabilities.

漏洞危害

An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-2123)

An attacker could use this to impersonate an authenticated user or service. (CVE-2016-2125)

An authenticated attacker could use this to cause a denial of service or gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-2126)

0day

CVE-2016-9964 Debian Security Update for python-bottle (DSA 3743-1)

漏洞类别:Debian

漏洞等级:

漏洞信息

Debian has released security update for python-bottle to fix the vulnerabilities.

漏洞危害

Successful exploitation can allowe an attacker to perform CRLF attacks such as HTTP header injection.

解决方案

Refer to Debian security advisory DSA 3743-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

DSA 3743-1: Debian

0day

CVE-2016-9956 Debian Security Update for flightgear (DSA 3742-1)

漏洞类别:Debian

漏洞等级:

漏洞信息

Debian has released security update for flightgear to fix the vulnerabilities.

漏洞危害

Successful exploitation of the vulnerabilities can allow a malicious script to overwrite arbitrary files with the privileges of the user running Flight Gear.

解决方案

Refer to Debian security advisory DSA 3742-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

DSA 3742-1: Debian

0day

CVE-2016-1254 Debian Security Update for tor (DSA 3741-1)

漏洞类别:Debian

漏洞等级:

漏洞信息

Debian has released security update for tor to fix the vulnerabilities.

漏洞危害

Sucessful exploitation of the vulnerability may cause a Denial of Service.

解决方案

Refer to Debian security advisory DSA 3741-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

DSA 3741-1: Debian

0day