A flaw was found in the way PTRACE_TRACEME functionality was handled in the Linux kernel. The kernel's implementation of ptrace can inadvertently grant elevated permissions to an attacker who can then abuse the relationship between the tracer and the process being traced. This flaw could allow a local, unprivileged user to increase their privileges on the system or cause a denial of service.
Tag: Linux
ASA-2019-00384 – London Trust Media Private Internet Access: Argument Injection
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges.
ASA-2019-00379 – London Trust Media Private Internet Access: Arbitrary File Overwrite
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files.
ASA-2019-00367 – Linux kernel: Excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size (MSS) of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increases the Linux kernel's resource (CPU, Memory, and Bandwidth) utilization. A remote attacker could use this flaw to cause a denial of service (DoS) by repeatedly sending network traffic on a TCP connection with low TCP MSS.
ASA-2019-00366 – Linux kernel: Excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented, which leads to increased resource utilization to traverse and process these fragments as further SACK segments are received on the same TCP connection. A remote attacker could use this flaw to cause a denial of service (DoS) by sending a crafted sequence of SACK segments on a TCP connection.