4 matches found
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists as the dotruncate and genericfilesplicewrite functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information...
CentOS Update for kernel CESA-2008:0972 centos4 x86_64
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2008:0972 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Linux Kernel 'generic_file_splice_write()' Local Privilege Escalation Vulnerabil
The Linux kernel is prone to a local privilege-escalation vulnerability related to the 'genericfilesplicewrite' function. Local attackers can exploit this issue to gain superuser privileges. Successful exploits will result in the complete compromise of the computer. Versions prior to Linux kernel...
Design/Logic Flaw
The genericfilesplicewrite function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified...