USN-1105-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...

Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1089-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075, CVE-2010-4076, CVE-2010-4077 Dan Rosenberg discovered that the socket...

Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit

Exploit for linux platform in category dos / poc / Linux include include include include include include int mainint argc, char argv int fd, ret = 0, i; struct serialicounterstruct buffer; printf" Linux = 2.6.37-rc1 serialcore TIOCGICOUNT leak exploit\n"; ifargc 2 printf" You need to supply a...

Linux Kenel 2.6.37-rc1 - serial_core TIOCGICOUNT Leak

Linux Kenel 2.6.37-rc1 - serialcore TIOCGICOUNT Leak / Linux include include include include include include int mainint argc, char argv int fd, ret = 0, i; struct serialicounterstruct buffer; printf" Linux = 2.6.37-rc1 serialcore TIOCGICOUNT leak exploit\n"; ifargc 2 printf" You need to supply a...

Linux Kenel 2.6.37-rc1 - serial_core TIOCGICOUNT Leak

/ Linux include include include include include include int mainint argc, char argv int fd, ret = 0, i; struct serialicounterstruct buffer; printf" Linux = 2.6.37-rc1 serialcore TIOCGICOUNT leak exploit\n"; ifargc 2 printf" You need to supply a device name e.g. /dev/ttyS0\n"; exit-1; ;...

kernel: panic when submitting certain 0-length I/O requests

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix f...

kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

kernel: bio: integer overflow page count when mapping/copying user data

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service system crash via a crafted device ioctl to a SCSI device...

kernel: panic when submitting certain 0-length I/O requests

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device...

kernel: av7110 negative array offset

The dvbcaioctl function in drivers/media/dvb/ttpci/av7110ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a negative value...

Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1

Ubuntu Update for Linux kernel vulnerabilities USN-1083-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10831.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks...

CVE-2011-0711

The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...

Session fixation

The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...

kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

PT-2011-1074 · Suse +2 · Kernel-Kdumppae +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.38 and earlier kernel-kdumppae affected versions not specified Description: The issue is related to a lack of validation of length and offset values before performing memory copy operations in the Linux kernel. This...

PT-2011-1073 · Suse +2 · Kernel-Kdumppae +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.38 and earlier kernel-kdumppae affected versions not specified Description: The issue is related to an integer overflow in the Linux kernel, which might allow local users to gain privileges or cause a denial of servic...

USN-1074-1: Linux kernel vulnerabilities

Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2009-4895 Dan Rosenberg discovered that the MOVEEXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only...

kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

kernel: av7110 negative array offset

The dvbcaioctl function in drivers/media/dvb/ttpci/av7110ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a negative value...

PT-2011-1619 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue allows local users to obtain potentially sensitive information from kernel heap memory. This is possible by leveraging the CAP NET ADMIN capability for an ethtool ioctl call, due to...