PT-2022-34140 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.35 through 5.10.136 Description: The issue is related to a use-after-free in the ath9k hif usb rx cb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

UVI-2021-1001438 net: fix uninit-value in caif_seqpkt_sendmsg

net: fix uninit-value in caifseqpktsendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.277 by commit...

UVI-2021-1000540 mld: fix panic in mld_newpack()

mld: fix panic in mldnewpack This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit a76fb9ba545289379acf409653ad5f74417be59c, it was...

Linux kernel 'include/linux/init_task.h' denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the file include/linux/inittask.h in versions of Linux kernel prior to 2.6.35. This vulnerability can be exploited by a local attacker to...

CVE-2010-5328

include/linux/inittask.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service system crash by leveraging access to this process group...

UBUNTU-CVE-2010-5328

include/linux/inittask.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service system crash by leveraging access to this process group...

Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service

Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service source: https://www.securityfocus.com/bid/50938/info The Linux kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an out-of-memory error in certain linux applications, resulting ...

CVE-2011-3380

Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service NULL pointer dereference and pluto IKE daemon crash via an ISAKMP message with an invalid KEYLENGTH attribute, which is not properly handled by the error handling function...

CVE-2011-3380

CVE-2011-3380 affects Openswan 2.6.29–2.6.35, allowing remote denial of service via a NULL pointer dereference in the pluto IKE daemon when handling an ISAKMP message with an invalid KEY_LENGTH attribute. The issue arises from improper error handling for that attribute, leading to a crash. Severa...

Linux Kernel SCTP INIT/INIT-ACK块长度远程拒绝服务漏洞

Bugtraq ID: 47308 Linux是一款开放源代码的操作系统。 在计算INIT/INIT-ACK块长度时，代码只计算了参数长度，而没有计算参数的零填充长度，如AUTH HMACS参数和CHUNKS参数。没有计算零填充长度参数可导致内核触发oops。 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux...

kernel: ecryptfs_uid_hash() buffer overflow

Buffer overflow in the ecryptfsuidhash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service system crash via unspecified vectors...

Integer overflow

Integer overflow in the rdscmsgrdmaargs function net/rds/rdma.c in Linux kernel 2.6.35 allows local users to cause a denial of service crash and possibly trigger memory corruption via a crafted Reliable Datagram Sockets RDS request, a different vulnerability than CVE-2010-3865...

GnackTrack R2 - Penetration Testing linux !

"GnackTracksh is a Live and installable Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it's most certainly not; it's very similar but based on the much loved GNOME!" This release does NOT contain Nessus pre-installed as the authors...

Linux Kernel "pipe_fcntl()"本地拒绝服务漏洞

BUGTRAQ ID: 45125 CVECAN ID: CVE-2010-4256 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel在实现上存在本地拒绝服务漏洞，本地攻击者可利用此漏洞造成内核崩溃，拒绝服务合法用户。 Linux kernel 2.6.35-rc1 - 2.6.37 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.kernel.org/...

PT-2010-4090 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: The issue allows local users to overwrite an append-only file. This can be achieved via a BTRFS IOC CLONE or BTRFS IOC CLONE RANGE ioctl call that specifies the append-only file as a donor...

PT-2010-4091 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: The issue is related to an integer overflow in the btrfs ioctl clone function, which might allow local users to obtain sensitive information. This can be achieved via a BTRFS IOC CLONE RANGE...

PT-2010-4424 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: The issue allows remote authenticated users to read unlinked files or read and overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked...

PT-2010-4056 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: A buffer overflow issue exists in the ecryptfs uid hash macro, potentially allowing local users to gain privileges or cause a system crash. The issue is related to the eCryptfs subsystem in t...