13 matches found
Linux Missing Lockdown Exploit
Linux suffers from a missing locking between ELF coredump code and userfaultfd VMA modification. Linux: missing locking between ELF coredump code and userfaultfd VMA modification Related CVE Numbers: CVE-2019-11599. elfcoredump has a comment back from something like 2.5.43-C3 that says: / We no...
CVE-2017-17080
elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...
Linux kernel 2.2 ldd core Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/344/info Due to a rare and subtle bug in the 2.2.0 kernel, a linux machine can be forced to reboot by an unpriviliged local user. The reason for this is because of the invalid ELF core layout and the fact that munmap wipe...
Linux Kernel 2.2.x.2.3.x/2.4.x/2.5.x/2.6.x ELF Core Dump Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13589/info The Linux kernel is susceptible to a local buffer-overflow vulnerability when attempting to create ELF coredumps. This issue is due to an integer-overflow flaw that results in a kernel buffer overflow during a...
kernel security and bug fix update
2.6.9-89.35.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
kernel security update
2.6.9-89.0.29.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
kernel security and bug fix update
2.6.9-89.0.18.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...
kernel security and bug fix update
2.6.9-78.0.13.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon wit...
security flaw
The elfcoredump function in binfmtelf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the createelftables function, causes a negative length argument to pass ...
Linux kernel ELF core dump privilege elevation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since it became clear from the discussion in January about the uselib vulnerability, that the Linux community prefers full, non-embargoed disclosure of kernel bugs, I release full details right now. However to follows at least some of the...
Linux Kernel 2.2.x/2.3.x/2.4.x/2.5.x/2.6.x - ELF Core Dump Local Buffer Overflow (PoC)
/ source: https://www.securityfocus.com/bid/13589/info The Linux kernel is susceptible to a local buffer-overflow vulnerability when attempting to create ELF coredumps. This issue is due to an integer-overflow flaw that results in a kernel buffer overflow during a 'copyfromuser' call. To exploit...
Linux Kernel 2.2 - ldd core Force Reboot (Denial of Service)
Linux Kernel 2.2 - ldd core Force Reboot Denial of Service source: https://www.securityfocus.com/bid/344/info Due to a rare and subtle bug in the 2.2.0 kernel, a linux machine can be forced to reboot by an unpriviliged local user. The reason for this is because of the invalid ELF core layout and...
Linux Kernel 2.2 - 'ldd core' Force Reboot (Denial of Service)
source: https://www.securityfocus.com/bid/344/info Due to a rare and subtle bug in the 2.2.0 kernel, a linux machine can be forced to reboot by an unpriviliged local user. The reason for this is because of the invalid ELF core layout and the fact that munmap wipes out a vital page table entry. On...