9 matches found
EUVD-2009-4111
Malware in sbrugna...
Use-after-Free
The kernel package is vulnerable to Use-after-Free. A deficiency in the fasynchelper implementation allows a local, unprivileged user to leverage a use-after-free of locked, asynchronous file descriptors to cause a denial of service or privilege escalation...
Linux Kernel 2.6.x 'fasync_helper()' Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complet...
RHEL 5 : kernel (RHSA-2010:0046)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
CVE-2009-4141
CVE-2009-4141 is a local-privilege escalation in the Linux kernel (fs/fcntl.c: fasync_helper) where enabling O_ASYNC on a locked file and closing it can grant privileges. Affected: Linux kernel before 2.6.33-rc4-git1. Root cause: use-after-free in fasync_helper. Mitigation: apply the upstream pat...
CVE-2009-4141
Use-after-free vulnerability in the fasynchelper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling OASYNC aka FASYNC or FIOASYNC on a locked file, and then closing this file...
Linux Kernel 'fasync_helper()'本地特权提升漏洞
Bugraq ID: 37806 CVE ID:CVE-2009-4141 Linux是一款开放源代码的操作系统。 Linux内核处理锁定fasync文件描述符存在安全漏洞,允许攻击者以内核特权执行任意代码或使系统崩溃。 根据Linus分析,“问题是相同文件描述符可在多个fasync列表上,它可以在特定fasync列表上存在一次,但是文件锁定比较特殊,会使用 'fl-flfasync'列表无视在什么底层设备驱动或其他的情况下增加任意文件到它所属的fasync列表中。" 这个问题是因为它不正确假定某个文件只能在一个fasync列表中,所以fasynchelper会清除FASYNC标记。...
Linux Kernel 2.6.28 - fasync_helper() Local Privilege Escalation
Linux Kernel 2.6.28 - fasynchelper Local Privilege Escalation / source: https://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful...
Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation
/ source: https://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected...