52 matches found
SUSE CVE-2004-1235
Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...
SUSE CVE-2019-11191
The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist because installexeccreds is called too late in loadaoutbinary in fs/binfmtaout.c, and thus the ptracemayaccess check has a race condition...
SUSE CVE-2020-27534
util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...
PT-2020-16700 · Docker · Docker Engine +1
Name of the Vulnerable Software and Affected Versions: Docker Engine versions prior to 19.03.9 Description: The issue arises from the util/binfmt misc/check.go file in the Builder component of Docker Engine, where it calls os.OpenFile with a potentially unsafe temporary pathname for qemu-check...
kernel: stack disclosure in binfmt_script load_script()
The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
PT-2012-5462 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.7.2 Description: The issue concerns the load script function in fs/binfmt script.c, which does not properly handle recursion. This allows local users to obtain sensitive information from kernel stack memory vi...
DSA-1069-1 kernel-source-2.4.18 - several
Bulletin has no description...
security flaw
Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...
security flaw
The binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATHMAX to be used, leading to buffer overflows that allow local users to cause a denial of service...
CVE-2004-1074
The CVE-2004-1074 issue is in the Linux kernel binfmt handling when memory overcommit is enabled. A malformed a.out binary can trigger a local denial of service (kernel oops). The available documents confirm this CVE is referenced in multiple advisories and vulnerability lists, but do not provide...
binfmt_elf.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux kernel binfmtelf loader vulnerabilities Product: Linux kernel Version: 2.4 up to to and including 2.4.27, 2.6 up to to and including 2.6.8 Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0017-binfmtelf.txt CVE:...
Linux Kernel (<= 2.4.27 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...