5 matches found
CVE-2022-1247
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their...
CVE-2009-3002
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) ...
Memory corruption
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) ...
Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the N...
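Linux Kernel af_rose Implementation Integer Overflow Vulnerability
BUGTRAQ ID: 34654 CVE(CAN) ID: CVE-2009-1265 The Linux Kernel is the kernel used by the open-source operating system Linux. The rose_sendmsg function in the Linux Kernel's sys/net/af_rose.c file does not properly validate the len value in a message. If len is a very large value, such as 0xfffffff8, size can overflow: size = len + AX25_BPQ_HEADER_LEN + AX25_MAX_HEADER_LEN + ROSE_MIN_LEN; which results in an allocated buffer that is too small: if ((skb = sock_alloc_send_skb(sk, size, msg->msg_flag...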