Lucene search
SecurityvulnsSECURITYVULNS:DOC:30928HistoryJul 21, 2014 - 12:00 a.m.
[oss-security] CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets
2014-07-2100:00:00
vulners.com
40
CVE-2014-4943 is a flaw in the Linux kernel allowing an unprivileged user
to escalate to kernel privilege when CONFIG_PPPOL2TP is enabled. If built
as a module, a work-around to limit this to just the root user would be
to add this to /etc/modprobe.conf:
alias pppox-proto-1 off
blacklist l2tp_ppp
Upstream commit:
https://git.kernel.org/linus/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf
-Kees
– Kees Cook @outflux.net
Related
prion
prion
Design/Logic Flaw
2014-07-19 19:55:00
canvas
canvas
Immunity Canvas: LINUX_PPPOL2TP
2014-07-19 19:55:00
cve
cve
CVE-2014-4943
2014-07-19 19:55:00
debiancve
debiancve
CVE-2014-4943
2014-07-19 19:55:00
ubuntucve
ubuntucve
CVE-2014-4943
2014-07-16 00:00:00
zdt
zdt
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
2015-03-05 00:00:00
f5
f5
K15482 : Linux kernel vulnerability CVE-2014-4943
2014-08-05 00:00:00
SOL15482 - Linux kernel vulnerability CVE-2014-4943
2014-08-05 00:00:00
exploitpack
exploitpack
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)
2015-03-04 00:00:00
nessus
nessus
Fedora 20 : kernel-3.15.6-200.fc20 (2014-8519)
2014-07-21 00:00:00
RHEL 6 : kernel (RHSA-2014:1025)
2014-11-11 00:00:00
Oracle Linux 7 : kernel (ELSA-2014-0923)
2014-07-24 00:00:00
exploitdb
exploitdb
Linux x86 - Socket Re-use Shellcode 50 bytes
2014-07-14 00:00:00
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)
2015-03-04 00:00:00
redhat
redhat
(RHSA-2014:1025) Important: kernel security and bug fix update
2014-08-06 00:00:00
(RHSA-2014:0924) Important: kernel security update
2014-07-23 00:00:00
(RHSA-2014:0925) Important: kernel security update
2014-07-23 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2014:0923-01
2014-07-28 00:00:00
Oracle Linux Local Check: ELSA-2014-0924
2015-10-06 00:00:00
Oracle Linux Local Check: ELSA-2014-0923
2015-10-06 00:00:00
oraclelinux
oraclelinux
kernel security update
2014-07-23 00:00:00
unbreakable enterprise kernel security update
2014-07-18 00:00:00
kernel security update
2014-07-23 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2014-07-16 00:00:00
Linux kernel vulnerabilities
2014-07-16 00:00:00
Linux kernel (EC2) vulnerabilities
2014-07-16 00:00:00
centos
centos
kernel, perf, python security update
2014-07-25 12:19:52
kernel, perf, python security update
2014-07-25 13:22:28
osv
osv
linux - security update
2014-07-29 00:00:00
linux-2.6 - security update
2014-12-09 00:00:00
debian
debian
[SECURITY] [DSA 2992-1] linux security update
2014-07-29 06:42:00
[SECURITY] [DSA 2992-1] linux security update
2014-07-29 06:42:00
[SECURITY] [DLA 103-1] linux-2.6 security update
2014-12-09 01:05:55
kitploit
kitploit
Tails 1.1.1 - The Amnesic Incognito Live System
2014-09-09 02:58:00
securityvulns
securityvulns
[USN-2289-1] Linux kernel vulnerabilities
2014-07-21 00:00:00
Linux kernel multiple security vulnerabilities
2014-07-21 00:00:00
suse
suse
Security update for Linux kernel (important)
2014-10-22 21:04:47
Security update for Linux kernel (important)
2014-10-23 01:08:35
Security update for the Linux Kernel (important)
2014-09-16 19:04:20
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.15.6-200.fc20
2014-07-20 03:26:08
[SECURITY] Fedora 20 Update: kernel-3.15.7-200.fc20
2014-08-01 06:02:53
[SECURITY] Fedora 20 Update: kernel-3.15.10-201.fc20
2014-08-30 03:58:11
Related for SECURITYVULNS:DOC:30928