54 matches found
CVE-2018-20669
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a...
CVE-2018-20669
A flaw was found in the Linux kernel where a provided address with access_ok() is not checked before accessing userspace data in certain situations. Lack of such checks in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c may allow a local unprivileged attacker to possibly escalate...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-891)
The openSUSE Leap 42.2 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-7542: The ip6_find_1st_fragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and...
Linux Kernel (ARM/ARM64) - perf_event_open() Arbitrary Memory Read
Linux Kernel (ARM/ARM64) - perf_event_open() Arbitrary Memory Read. perf_event_open() offers to collect various pieces of information when an event occurs, including a user stack backtrace (PERF_SAMPLE_CALLCHAIN). To collect a user stack backtrace, the kernel grabs the userland register state if the event occure...
Linux Kernel (ARM/ARM64) - 'perf_event_open()' Arbitrary Memory Read
perf_event_open() offers to collect various pieces of information when an event occurs, including a user stack backtrace (PERF_SAMPLE_CALLCHAIN). To collect a user stack backtrace, the kernel grabs the userland register state if the event occurred in kernelspace: the userland register state that was...
CVE-2010-4258
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer...
Null pointer dereference
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer...
CVE-2010-4258
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer...
Linux Kernel 2.6.37 (RedHat Ubuntu 10.04) - Full-Nelson.c Local Privilege Escalation
Linux Kernel 2.6.37 RedHat Ubuntu 10.04 - Full-Nelson.c Local Privilege Escalation / Linux Kernel <= 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which...
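Linux kernel 2.6.x do_io_submit() function integer overflow vulnerability
BUGTRAQ ID: 43353 CVE(CAN) ID: CVE-2010-3067 The Linux Kernel is the kernel used by the open-source operating system Linux. The do_io_submit function in the Linux Kernel's fs/aio.c file has an integer overflow vulnerability; local users can cause a denial of service via the io_submit call. The io_submit system call directly calls the do_io_submit function: SYSCALL_DEFINE3(io_submit, aio_context_t, ctx_id, long, nr, struct iocb __user * __user *, iocbpp) { return do_io_submit(ctx_id, nr,...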
kernel security update
2.6.18-194.11.4.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...
Ubuntu 5.04 / 5.10 / 6.06 LTS : linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities (USN-311-1)
A race condition was discovered in the do_add_counters() functions. Processes which do not run with full root privileges, but have the CAP_NET_ADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so th...
CVE-2006-2448
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems...
CVE-2006-2448
Concrete details found: CVE-2006-2448 affects the Linux kernel on PowerPC, specifically versions before 2.6.16.21 and 2.6.17. The root cause is missing access_ok checks in PowerPC signal handling (signal_64.c, potentially signal_32.c). Impact as stated: local users could read arbitrary kernel mem...