kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

RHEL 5 : systemtap (RHSA-2011:1089)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1089 advisory. SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the...

systemtap: signed module loading race condition

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...

kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

PT-2012-1535 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the tunnels implementation in the Linux kernel, allowing remote attackers to cause a denial of service by sending a packet during module loading when tunnel functionality is...

PT-2012-1534 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the Linux kernel, specifically the ip gre module. It allows remote attackers to cause a denial of service by sending a packet during module loading, resulting in an OOPS...

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN

The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...

openSUSE Security Update : libltdl-3 (libltdl-3-1638)

libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libltdl-3-1638. The text...

dstat security update

0.6.6-3.1 - removed . and ./plugins from module loading path 538469...

blender / gedit / gnumeric / vim / eog python scripts code execution

sys.path variable manipulation is possible to load arbitrary modules...

Important: Red Hat Bug Fix Advisory: dlm-kernel bug fix update

Updated dlm-kernel packages that fix module loading issues and various bugs are now available for Red Hat Enterprise Linux 4 Update 5, kernel release 2.6.9-55.0.6.EL. The dlm-kernel modules allow the Distributed Lock Manager dlm to communicate with the kernel. These updated dlm-kernel packages ar...

CVE-2004-0986

Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers...

CVE-2004-2686

Directory traversal vulnerability in the vfsgetvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted 1 mount or 2 sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure...

CVE-2004-0986

The CVE-2004-0986 issue affects iptables before 1.2.11, where under certain conditions the required modules fail to load at system startup, causing firewall rules to not be loaded and leaving the system potentially exposed to remote attackers. Connected advisories (SUSE, Debian DSA-580-1, Ubuntu ...

[SECURITY] [DSA 580-1] New iptables packages fix modprobe failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 580-1 [email protected] http://www.debian.org/security/ Martin Schulze November 1st, 2004 http://www.debian.org/security/faq -...

DSA-580-1 iptables - missing initialisation

Bulletin has no description...

Solaris priocntl exploit

Moderator note: Messages with links to technical details outside of the message are not approved. Because of the potential delay waiting for another submission, the original message has been modified to include the details. Details follow: Solaris's Got Big problem on System Call priocntl...

Solaris priocntl() privelege escalation

During external module loaging path is not checked...

SuSE Security Announcement: modules

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: modules Announcement-ID: SuSE-SA:2000:44 Date: Monday, November 13th, 2000 10:00 MEST Affected SuSE versions: 6.4, 7.0 Vulnerability Type: local root compromise Severity 1-10: 8 SuSE default package: yes Other affected systems...