[oss-security] CVE-2014-0206 -- Linux kernel: kernel memory disclosure in io_getevents()

A kernel memory disclosure was introduced in aioreadeventsring in v3.10 by commit a31ad380bed817aa25f8830ad23e1a0480fef797. The changes made to aioreadeventsring failed to correctly limit the index into ctx-ringpages, allowing an attacker to cause the subsequent kmap of an arbitrary page with a...

Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service

// // Proof of Concept by Daniel McNeil // compile using cc -o aiodioread aiodioread.c -laio // define XOPENSOURCE 600 define GNUSOURCE include include include include include include include include include include int pagesize; char iobuf; iocontextt myctx; int aiomaxio = 4; / do a AIO DIO writ...