kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...

FreeBSD 10 nand Driver IOCTL Kernel Memory Leak Bug

The nand driver in FreeBSD versions 10 and below has a vulnerability that leaks arbitrary kernel memory to the userspace. XADV-2013005 FreeBSD 10 site: http://www.x90c.org References: 1 http://www.unix.com/man-page/freebsd/9/malloc/ 2...

kernel: block: default SCSI command filter does not accomodate commands overlap across device classes

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

Ubuntu Update for linux USN-1405-1

Ubuntu Update for Linux kernel vulnerabilities USN-1405-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14051.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1405-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 11.10 : linux vulnerabilities (USN-1405-1)

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in the Linux kernel's ext4 file system wh...

Ubuntu Update for linux USN-1389-1

Ubuntu Update for Linux kernel vulnerabilities USN-1389-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13891.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1389-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu Update for linux-ec2 USN-1388-1

Ubuntu Update for Linux kernel vulnerabilities USN-1388-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13881.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-ec2 USN-1388-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...