19 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-408758)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-408758 advisory. In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resourc...
CVE-2024-49878
In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...
CVE-2024-49878 resource: fix region_intersects() vs add_memory_driver_managed()
In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...
Improper Access Control
Linux kernel is vulnerable to improper access control. The vulnerability exists because the mm subsystem in the Linux kernel does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism. Local users could read or write to kernel memory locations in the first megabyte and bypass...
CVE-2017-7889
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
Design/Logic Flaw
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
CVE-2017-7889
CVE-2017-7889 affects the Linux kernel mm subsystem (up to 3.2); a local attacker with access to /dev/mem can read/write kernel memory due to CONFIG_STRICT_DEVMEM not being properly enforced in arch/x86/mm/init.c and drivers/char/mem.c. Public details: Debian security advisories show fixes (e.g.,...
CVE-2017-7889
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
CVE-2017-7889
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
PT-2017-2348 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3 Description: The issue is related to the mm subsystem in the Linux kernel, which does not properly enforce the CONFIG STRICT DEVMEM protection mechanism. This allows local users to read or write to kernel...
Linux Kernel (x86-64) - Rowhammer Privilege Escalation
Linux Kernel x86-64 - Rowhammer Privilege Escalation Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=283 Full PoC:...
Upclient 5.0 b7 Command Line Argument Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7703/info upclient has been reported prone to a buffer overflow vulnerability when handling command line arguments of excessive length. It is possible for a local attacker to seize control of the vulnerable application an...
BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open fil...
ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5716/info It has been reported that ascpu is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...
WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...
Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
No description provided by source. / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorchown.c - syschown missing DAC controls on Linux Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of file...
autofs default doesn't set nodev in /net
The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...
CVE-2002-1826
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory...
CVE-2002-1826
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory...