CVE-2014-1737

The rawcmdcopyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...

UBUNTU-CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

Unbreakable Enterprise kernel security update

3.8.13-26.2.4.el6uek - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721961 CVE-2013-6383 - vhost: fix total length when packets are too short Michael S. Tsirkin Orabug: 18721976 CVE-2014-0077...

PT-2014-1007 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.14.3 Description: The issue is related to the raw cmd copyin function in drivers/block/floppy.c, which does not properly handle error conditions during processing of an FDRAWCMD ioctl call. This allows local...

Unbreakable Enterprise kernel security update

kernel-uek 2.6.32-400.34.5uek - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18723276 CVE-2013-6383...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

Kernel: AACRAID Driver compat IOCTL missing capability check

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

Kernel: AACRAID Driver compat IOCTL missing capability check

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

PCNetSoftware RAC Server DoS

DoS via IOCTL call...

Buffer overflow

vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service read access violation and system crash via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as...

CVE-2014-2384

The CVE affects VMware Workstation 10.0.1 (build 1379776) and VMware Player 6.0.1 (build 1379776) on Windows, where vmx86.sys (32/64-bit kernel driver) mishandles an IOCTL input buffer, causing a read access violation and potential denial of service (host crash). The root cause is an invalid/unch...

Kernel: AACRAID Driver compat IOCTL missing capability check

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2129-1)

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. CVE-2013-0160 Vasily Kulikov reported a flaw in the...

Mandriva Linux Security Advisory : kernel (MDVSA-2014:038)

Multiple vulnerabilities has been found and corrected in the Linux kernel : The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...

CVE-2011-2909

The dodevinfoioctl function in drivers/staging/comedi/comedifops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string...

Oracle Linux 6 : kernel (ELSA-2014-0159)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0159 advisory. - exec ptrace: fix getdumpable incorrect tests Petr Oros 1039486 1039487 CVE-2013-2929 - net ipv6: fix leaking uninitialized port number of offender...

CVE-2013-4736

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...

Integer overflow

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...

UBUNTU-CVE-2013-4736

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...

CVE-2013-4736

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...