21 matches found
Linux kernel cm4000_cs.c competition condition vulnerability
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel 6.0.6 and earlier versions have a contention condition vulnerability that originates in drivers/char/pcmcia/cm4000cs.c when calling open if cmmopen and cm4000detach, an attacker can exploit...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5073-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5073-1 advisory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM ...
F5 Networks BIG-IP : Linux kernel vulnerability (K01512680)
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and drivers/char/ipmi/ipmisiportio.c.CVE-2019-11811 Impac...
DEBIAN-CVE-2020-16166
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c...
Design/Logic Flaw
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c...
CVE-2019-11811
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and drivers/char/ipmi/ipmisiportio.c...
Improper Access Control
Linux kernel is vulnerable to improper access control. The vulnerability exists because the mm subsystem in the Linux kernel does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism. Local users could read or write to kernel memory locations in the first megabyte and bypass...
CVE-2019-9003
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmimsghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop...
Linux RNG Flaws
Linux RNG flaws CVE-2018-1108 There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot. I'm sending this to [email protected] and Theodore Ts'o for now; it might make sense to also add Jason Donenfeld, since...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0017) (Meltdown)
The remote OracleVM system is missing necessary patches to address critical security updates : - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabu...
CVE-2014-9883
Integer overflow in drivers/char/diag/diagdci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28769912 and Qualcomm internal bug CR565160...
CVE-2014-9873
CVE-2014-9873 describes an integer underflow in Qualcomm components, specifically in drivers/char/diag/diag_dci.c, affecting Android on Nexus 5 and Nexus 7 (2013) devices prior to 2016-08-05. The flaw allows a crafted application to gain privileges or access sensitive information via the affected...
Linux Kernel 2.6.x 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36191/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attacker...
CVE-2011-1160
The tpmopen function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors...
Linux Kernel drivers/char/tpm/tpm.c信息泄露漏洞
BUGTRAQ ID: 46866 CVE ID: CVE-2011-1160 Linux Kernel是Linux操作系统的内核。 Linux Kernel在drivers/char/tpm/tpm.c的实现上存在信息泄露漏洞,本地攻击者可利用此漏洞从栈中获取敏感信息 Linux kernel 2.6.x OpenVZ Project OpenVZ 028stab091.1 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...
Session fixation
The nttyioctltiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...
CVE-2010-4076
The rsioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...
Race condition
Race condition in the ttyfasync function in drivers/char/ttyio.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via unknown vectors, related to the putttyqueue and fsetown...
Design/Logic Flaw
The releaseonetty function in drivers/char/ttyio.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the putpid function, which has unspecified impact and local attack vectors...
CVE-2010-1162
The releaseonetty function in drivers/char/ttyio.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the putpid function, which has unspecified impact and local attack vectors...