4 matches found
EUVD-2008-4535
Malware in sbrugna...
Linux Kernel 'do_splice_from()'本地安全绕过漏洞
BUGTRAQ ID: 31903 CVE ID:CVE-2008-4554 CNCVE ID:CNCVE-20084554 Linux是一款开放源代码的操作系统。 Linux在执行部分文件操作时'dosplicefrom'函数不正确拒绝文件描述符,本地攻击者可以利用漏洞绕过本地安全限制。 攻击者可以绕过append-only限制,破坏系统文件。 RedHat Fedora 9 0 RedHat Fedora 8 0 Linux kernel 2.6.26 4 Linux kernel 2.6.26 3 Linux kernel 2.6.26 .6 Linux kernel 2.6.26...
Fedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)
Update kernel from version 2.6.26.5 to 2.6.26.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmiwriteldtentry function in...
Remote file inclusion
The dosplicefrom function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the OAPPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file...