1295 matches found
apr security update
CentOS Errata and Security Advisory CESA-2011:0507 Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...
Moderate: Red Hat Security Advisory: apr security update
Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
kernel security and bug fix update
2.6.32-71.24.1.el6 - fs Revert 'fs inotify: stop kernel memory leak on file creation failure' Eric Paris 656831 656832 CVE-2010-4250 2.6.32-71.23.1.el6 - x86 Revert 'x86 mtrr: Assume SYSCFGTom2ForceMemTypeWB exists on all future AMD CPUs' Frank Arnold 683813 652208 2.6.32-71.22.1.el6 - rebuild...
CVE-2011-1082
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for 1 closed loops or 2 deep chains, which allows local users to cause a denial of service deadlock or stack memory consumption via a crafted application tha...
Code injection
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for 1 closed loops or 2 deep chains, which allows local users to cause a denial of service deadlock or stack memory consumption via a crafted application tha...
Ubuntu Update for linux vulnerabilities USN-1090-1
Ubuntu Update for Linux kernel vulnerabilities USN-1090-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10901.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux vulnerabilities USN-1090-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
CVE-2011-0711
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
Memory corruption
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
CVE-2011-0719
CVE-2011-0719 affects Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7. The flaw is missing range checks for file descriptors before use of FD_SET, enabling remote attackers to trigger a denial of service through opening many files, causing stack memory corruption, an infinite...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
Ubuntu Update for linux vulnerabilities USN-1072-1
Ubuntu Update for Linux kernel vulnerabilities USN-1072-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10721.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux vulnerabilities USN-1072-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
USN-1072-1: Linux kernel vulnerabilities
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...