SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5370)

This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets default filtered by the firewall. CVE-2007-6282 - A problem in SIT IPv6 tunnel handling could ...

Linux Kernel 2.6.31-rc4 - nfs4_proc_lock() Denial of Service

Linux Kernel 2.6.31-rc4 - nfs4proclock Denial of Service / Description of problem: execution of a particular program from the Arachne suite reliably causes a kernel panic due to a NULL-pointer dereference in nfs4proclock. Version-Release number of selected component if applicable:...

Linux Kernel locks_remove_flock()本地竞争条件漏洞

BUGTRAQ ID: 33237 CVECAN ID: CVE-2008-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 RHEL4/5内核处理POSIX锁定时fcntl调用可能与关闭相同文件描述符出现竞争，本地攻击者可以利用这个漏洞导致拒绝服务或获得权限提升。 fcntl以如下方式获得POSIX锁定： sysfcntl fget dofcntl fcntlsetlk fput if!count fput locksremoveflock fcntlsetlk调用可能阻塞很长时间，允许同一进程中的其他线程关闭文件描述符： sysclose filpclos...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)

This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets default filtered by the firewall. CVE-2007-6282 - A problem in SIT IPv6 tunnel handling could ...

Linux Kernel fcntl_setlk()函数本地竞争条件漏洞

BUGTRAQ ID: 29076 CVECAN ID: CVE-2008-1669 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux kernel没有对fcntl功能应用某些保护机制，本地攻击者可以在SMP系统上利用fcntlsetlk与close调用之间的竞争条件获得对文件描述符表的不正确序列访问，这可能导致拒绝服务的情况。 Linux kernel 2.6.25.2 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...