9 matches found
SUSE CVE-2010-1083
The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...
CentOS 5 : kernel (CESA-2010:0723)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
VMSA-2011-0012 : VMware ESXi and ESX updates to third-party libraries and ESX Service Console
a. ESX third-party update for Service Console kernel This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798,...
VMSA-2011-0012:VMware ESXi and ESX updates to third party libraries and ESX Service Console
VMSA-2011-0012.3 VMware ESX third party updates for Service Console packages glibc and dhcp VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0012.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console packages glibc and dhcp VMware Security...
Debian Security Advisory DSA 2053-1 (linux-2.6)
The remote host is missing an update to linux-2.6 announced via advisory DSA 2053-1. OpenVAS Vulnerability Test $Id: deb20531.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2053-1 linux-2.6 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
[SECURITY] [DSA 2053-1] New Linux 2.6.26 packages fix several issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2053-1 [email protected] http://www.debian.org/security/ dann frazier May 25, 2010 http://www.debian.org/security/faq -...
CVE-2010-1083
The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...
CVE-2010-1083
The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...
Linux kernel 2.6.x USB接口本地信息泄露漏洞
BUGTRAQ ID: 39042 CVE ID: CVE-2010-1083 Linux Kernel是开放源码操作系统Linux所使用的内核。 在出现设备通讯失败的时候(如USB超时)Linux Kernel的drivers/usb/core/devio.c文件中的processcompl和processcomplcompat函数将transfer缓冲区未经修改的返回给了用户空间进程,其中可能包含有最近释放的内核数据。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...