2019 matches found
CVE-2004-0228
CVE-2004-0228 refers to an integer signedness error in the cpufreq /proc handler (cpufreq_procctl) of the Linux 2.6 kernel, enabling local users to escalate privileges to kernel level. The issue is discussed in multiple advisories (e.g., SUSE, Gentoo GLSA 200407-02, Fedora 2004-111) as part of Li...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that address various security vulnerabilities are now available for Red Hat Enterprise Linux. The Linux kernel handles the basic functions of the operating system. Security issues have been found that affect the versions of the Linux kernel shipped with Red Hat Enterprise...
CVE-2003-0501
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries...
CVE-2003-0501
The CVE-2003-0501 issue concerns the Linux /proc filesystem allowing a local attacker to read sensitive information by opening entries in /proc/self before a setuid program runs, potentially preventing proper ownership/permission changes. Connected advisories confirm this can be triggered in Linu...
Linux Kernel 2.2.x/2.4.x - proc Filesystem Information Disclosure
/ source: https://www.securityfocus.com/bid/8002/info A potential information disclosure vulnerability has been reported for the Linux /proc filesystem, specifically when invoking setuid applications. As a result, an unprivileged us...
Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Information Disclosure
/ source: https://www.securityfocus.com/bid/8002/info A potential information disclosure vulnerability has been reported for the Linux /proc filesystem, specifically when invoking setuid applications. As a result, an unprivileged user may be able to read the contents of a setuid application's...
Linux Kernel 2.2 - mmap() Local Denial of Service
/ source: https://www.securityfocus.com/bid/6420/info A denial of service vulnerability has been discovered in the Linux 2.2 kernel. It has been reported that it is possible for an unprivileged user to cause the kernel to stop responding due to a bu...
CVE-2002-1231
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allow local users to cause a denial of service via an rcp call on /proc...
Few bugs in linux kernel
Few bugs in different drivers and in /proc fs...
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
/ source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may exist in the handling of...
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
/ source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under...
CVE-2000-1146
Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd...
CVE-2000-0094
The CVE-2000-0094 entry concerns BSD procfs allowing local privilege escalation to root by manipulating the /proc/pid/mem interface through a modified file descriptor for stderr. The vulnerability is rooted in the procfs interface and enables a local attacker to gain full privileges, as described...
CVE-1999-0401
CVE-1999-0401 describes a race condition in Linux kernel 2.2.1 that allows local users to read arbitrary memory from /proc files. The vulnerability arises from a race in the /proc handling in Linux 2.2.1, enabling partial/possible disclosure of memory contents to unprivileged local users. Affecte...
FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem
// source: https://www.securityfocus.com/bid/940/info Certain BSD derivative operating systems use an implementation of the /proc filesystem which is vulnerable to attack from malicious local users. This attack will gain the user root access to the host. The proc file system was originally designed...
FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - proc FileSystem
// source: https://www.securityfocus.com/bid/940/info Certain BSD derivative operating systems use an implementation of the /proc filesystem which is vulnerable to attack from malicious local users. This attack will gain the user root access to...
linux2.2.1-proc-smp-race-sniffer.txt
Date: Tue, 2 Feb 1999 17:39:13 +0100 From: Andrea Arcangeli To: [email protected] Subject: patch /proc race fixes for 2.2.1 fwd This is a short analysis I did yesterday about the array.c /proc/pid/... races of Linux-2.2.0 and Linux-2.2.1. These races were leading to very easily reproducible...
PT-2010-5666 · Suse +2 · Suse Linux Enterprise +5
Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise versions prior to 2.6.39.4; btrfs-kmp-xen (affected versions not specified); btrfs-kmp-pae (affected versions not specified); kernel-desktop-devel (affected versions not specified). Description: The issue allows local users to...