Linux Kernel copy_from_user_mmap_sem()函数内存访问漏洞

BUGTRAQ ID: 27796 CVECAN ID: CVE-2008-0010 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的实现上存在漏洞，本地攻击者可能利用此漏洞获取内核内存的敏感信息。 Linux Kernel的fs/splice.c文件中的copyfromusermmapsem函数未经验证用户提供的指针便使用copyfromuserinatomic拷贝了用户进程内存中的数据： ---8--- fs/splice.c:1188 ---8--- partial = copyfromuserinatomicdst, src, n;...

Debian Security Advisory DSA 1494-2 (linux-2.6)

The remote host is missing an update to linux-2.6 announced via advisory DSA 1494-2. OpenVAS Vulnerability Test $Id: deb14942.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1494-2 linux-2.6 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1494-2 : linux-2.6 - missing access checks

The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges CVE-2008-0010, CVE-2008-0600 . In the vserver-enabled kernels, a missing access check on certain symlinks ...