MiracleLinux 3 : kernel-2.6.18-8.17AXS3 (AXSA:2008-82:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-82:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. CVE-2007-5498: The Xen hypervisor block backend driver for Linux...

SUSE CVE-2008-1375

Race condition in the directory notification subsystem dnotify in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service OOPS and possibly gain privileges via unspecified vectors...

Oracle Linux 5 : kernel (ELSA-2008-0233)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0233 advisory. - Update: fs fix race condition in dnotify Alexander Viro 439758 CVE-2008-1375 - Update: xen ia64: ftp stress test fixes between HVM/Dom0 Tetsu Yamamot...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5370)

This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets default filtered by the firewall. CVE-2007-6282 - A problem in SIT IPv6 tunnel handling could ...

Mandriva Linux Security Advisory : kernel (MDVSA-2008:105)

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. CVE-2007-3740 The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets,...

Ubuntu Update for linux-source-2.6.15/20/22 vulnerabilities USN-618-1

Ubuntu Update for Linux kernel vulnerabilities USN-618-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6181.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/20/22 vulnerabilities USN-618-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH...

Ubuntu: Security Advisory (USN-618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for linux vulnerabilities USN-614-1

Ubuntu Update for Linux kernel vulnerabilities USN-614-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6141.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux vulnerabilities USN-614-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)

This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets default filtered by the firewall. CVE-2007-6282 - A problem in SIT IPv6 tunnel handling could ...

USN-614-1: Linux kernel vulnerabilities

It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. CVE-2007-6694 A race condition was discovered between dnotify fcntl and clos...

kernel security and bug fix update

2.6.18-53.1.19.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574...

kernel: race condition in dnotify (local DoS, local roothole possible)

Race condition in the directory notification subsystem dnotify in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service OOPS and possibly gain privileges via unspecified vectors...

kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...

kernel: race condition in dnotify (local DoS, local roothole possible)

Race condition in the directory notification subsystem dnotify in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service OOPS and possibly gain privileges via unspecified vectors...

kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...

kernel: race condition in dnotify (local DoS, local roothole possible)

Race condition in the directory notification subsystem dnotify in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service OOPS and possibly gain privileges via unspecified vectors...

Linux Kernel dnotify.c文件本地竞争条件漏洞

BUGTRAQ ID: 29003 CVECAN ID: CVE-2008-1375 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的dnotify子系统在fcntl和close调用之间存在竞争条件，在最后一个描述符已经离开current-files之后可以将dnotifystruct注入到inode的列表中，这可能导致系统崩溃或获得root用户权限。 Linux kernel 2.6.25.1 厂商补丁： Debian ------ Debian已经为此发布了一个安全公告（DSA-1565-1）以及相应补丁: DSA-1565-1：New...

CVE-2008-1375

CVE-2008-1375 describes a race condition in the Linux kernel’s directory notification subsystem (dnotify). It affects Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1. Successful exploitation could allow local users to cause a denial of service (OOPS) and possibly gain privileges vi...