322 matches found
[USN-1529-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1529-1 August 10, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
USN-1532-1 : linux-ti-omap4 vulnerabilities
An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-1529-1)
A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...
USN-1532-1: Linux kernel (OMAP4) vulnerabilities
An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...
USN-1529-1: Linux kernel vulnerabilities
A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...
USN-1514-1: Linux kernel (OMAP4) vulnerabilities
A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix two security issues and two bugs are now available for Red Hat Enterprise MRG 2.1. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
kernel: epoll: can leak file descriptors when returning -ELOOP
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology MPT based controllers. A local,...
kernel: excessive in kernel CPU consumption when creating large nested epoll structures
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service CPU consumption via a crafted application that makes epollcreate and epollctl system calls...
Unbreakable Enterprise kernel Security update
2.6.32-300.29.2 - epoll: epollwait should not use timespecaddns Eric Dumazet - epoll: clear the tfilechecklist on -ELOOP Joe Jin CVE-2012-3375 - Don't limit non-nested epoll paths Jason Baron - epoll: kabi fixups for epoll limit wakeup paths Joe Jin CVE-2011-1083 - epoll: limit paths Jason Baron...
Unbreakable Enterprise kernel Security update
2.6.39-200.29.2 - epoll: clear the tfilechecklist on -ELOOP Joe Jin CVE-2012-3375 - Don't limit non-nested epoll paths Jason Baron - epoll: kabi fixups for epoll limit wakeup paths Joe Jin CVE-2011-1083 - epoll: limit paths Jason Baron CVE-2011-1083 - cred: copyprocess should clear...
CentOS 6 : kernel (CESA-2012:0862)
Updated kernel packages that fix two security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the third regular update. The Red Hat Security Response Team has rated...
kernel: epoll: can leak file descriptors when returning -ELOOP
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
kernel security and bug fix update
2.6.18-308.11.1.el5 - net ixgbe: remove flow director stats Andy Gospodarek 832169 830226 - net ixgbe: fix default return value for ixgbecacheringfdir Andy Gospodarek 832169 830226 - net ixgbe: reverting setup redirection table for multiple packet buffers Andy Gospodarek 832169 830226...
Linux Kernel 'fs/eventpoll.c'本地拒绝服务漏洞
Bugtraq ID: 54283 Linux Kernel是Linux操作系统的内核。 当处理epoll描述符返回值时linux内核存在一个错误,允许本地攻击者利用漏洞消耗大量CPU,造成拒绝服务攻击。 0 Linux Kernel 3.2.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/ The Linux Kernel is prone to a local denial-of-service vulnerability. Successful exploits will all...
Linux Kernel 3.2.24 - fseventpoll.c Local Denial of Service
Linux Kernel 3.2.24 - fseventpoll.c Local Denial of Service / The Linux Kernel is prone to a local denial-of-service vulnerability. Successful exploits will allow attackers to cause the kernel to crash, denying service to legitimate users. / include include include int main struct sockaddrin addr...
Medium: kernel
Issue Overview: A flaw was found in the way the Linux kernel's Event Poll epoll subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service. A malicious Network File System version 4 NFSv4 server could return a crafted reply to a...
PT-2012-1190 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.2.24 Description: The epoll ctl system call in fs/eventpoll.c does not properly handle ELOOP errors in EPOLL CTL ADD operations, allowing local users to cause a denial of service file-descriptor consumption an...
UBUNTU-CVE-2012-3375
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...