517 matches found
FireWire IOCTL integer overflow in different BSD-based Unix system
Negative IOCTL paramter value allows read access to kernel memory...
FreeBSD-SA-06:25.kmem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:25.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in firewire4 Category: core Module: sysdev Announced: 2006-12-06 Credits: Rodrigo...
FreeBSD Security Advisory FreeBSD-SA-06:25.kmem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:25.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in firewire4 Category: core Module: sysdev Announced: 2006-12-06 Credits: Rodrigo...
FreeBSD -- Kernel memory disclosure in firewire(4)
Problem Description: In the FWGCROM ioctl, a signed integer comparison is used instead of an unsigned integer comparison when computing the length of a buffer to be copied from the kernel into the calling application. Impact: A user in the "operator" group can read the contents of kernel memory...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
CVE-2006-6013
The CVE-2006-6013 issue affects the FireWire (IEEE-1394) driver fwdev.c in several BSDs, where in the FW_GCROM ioctl a signed integer comparison is used to compute the length of a buffer copied from kernel memory, effectively enabling a local user to read arbitrary kernel memory contents when cro...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure
NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice =================== This bug has been specially discovered for the Month of Kernel Bugs and to the Hackers to Hackers Conference III http://www.h2hc.org.br/en/. Summary =================== Firewir...
CVE-2002-1573
CVE-2002-1573 refers to an unspecified vulnerability in the Linux kernel’s pcilynx ieee1394 (pcilynx.c) driver, affected in kernels before 2.4.20 and related to wrap handling. The initial description notes unknown impact and attack vectors; public detail is limited. Public references describe the...
Fedora Core 3 : kernel-2.6.11-1.27_FC3 (2005-392)
Tue May 17 2005 Dave Jones - Remove the unused and outdated Xen patches from the FC3 tree. - Mon May 16 2005 Dave Jones - Rebase to 2.6.11.10, fixing CVE-2005-1264 - Thu May 12 2005 Dave Jones - Rebase to 2.6.11.9, fixing CVE-2005-1263 - Tue May 10 2005 Dave Jones - Fix two bugs in x86-64 page...
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: th...
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: th...
CVE-2004-1038
CVE-2004-1038 describes a design error in the IEEE1394 (FireWire) specification that can allow attackers with physical access to read/write sensitive memory via a modified FireWire client, bypassing intended access restrictions. The issue is a local vulnerability in the FireWire stack that could ...
Fedora Core 2 : kernel-2.6.6-1.427 (2004-137)
An updated kernel is available that brings the kernel to the 2.6.7-rc3 base level. This new kernel provides a significant number of bug fixes and improvements for USB, the keyboard/mouse subsystem and the VM. This kernel also fixes the high profile bugs about not working on VIA C3 processors 1206...
CVE-2004-0658
CVE-2004-0658 describes an integer overflow in the hpsb_alloc_packet function of the IEEE 1394 (Firewire) driver (versions 2.4 and 2.6). This vulnerability can allow local users to cause a denial of service (crash) and potentially execute arbitrary code through the functions raw1394_write, state_...
Linux FireWire drivers integer overflow
Integer overflows in different functions...