An Integer overflow vulnerability has been disclosed by Qualys Research Labs. The vulnerability is assigned CVE-2018-14634. The issue affects kernels with commit b6a2fea39318 without da029c11e6b1. Red Hat Enterprise Linux and CentOS are vulnerable. Upon successful exploitation a local attacker can gain root privileges on the target machine. A PoC is available online. Red Hat has addressed this … Continue reading “Integer Overflow in create_elf_tables() : CVE–2018-14634”
Tag: Ubuntu
Orpheus’ Lyre Vulnerability
The Orpheus’ lyre is a critical vulnerability in the implementation of the Kerberos protocol. The name has its roots in the Greek mythology where Orpheus plays his lyre to put Cerberus to sleep. Cerberus is the three headed dog the guards the entrance to the Underworld. Kerberos is named after Cerberus. Kerberos is heavily used by MS … Continue reading “Orpheus’ Lyre Vulnerability”