5901 matches found
CVE-2010-4075
The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...
CVE-2010-4078
The sisfbioctl function in drivers/video/sis/sismain.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGETVBLANK ioctl call...
CVE-2010-4075
The uartgetcount function in drivers/serial/serialcore.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...
CVE-2010-2962
drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...
Memory corruption
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux V4L implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain...
Design/Logic Flaw
drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...
CVE-2010-2963
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux V4L implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain...
CVE-2010-2962
drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...
CVE-2010-2962
drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...
RHEL 6 : kernel (RHSA-2010:0842)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Missi...
kernel: gdth: Prevent negative offsets in ioctl
Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...
kernel: pktcdvd ioctl dev_minor missing range check
Integer signedness error in the pktfinddevfromminor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and system crash via a crafted index value i...
kernel: wireless: fix 64K kernel heap content leak via ioctl
The cfg80211wextgiwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctlstandardiwpoint function in net/wireless/wext-core.c, an...
kernel: prevent heap corruption in snd_ctl_new()
Multiple integer overflows in the sndctlnew function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted 1 SNDRVCTLIOCTLELEMADD or 2...
kernel: arbitrary kernel memory write via i915 GEM ioctl
drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...
AVG Internet Security IOCTL请求本地拒绝服务漏洞
BUGTRAQ ID: 44596 AVG Internet Security可为用户上网提供多层保护。 AVG Internet Security所使用的avgtdix.sys内核驱动没有正确地处理IOCTL请求,本地用户可以通过发布恶意的0x830020C8 IOCTL请求触发内核内存破坏,导致系统蓝屏死机。 AVG Internet Security 9.0.851 厂商补丁: AVG --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.grisoft.com/us/usindex.php / Exploit...
Trend Micro Titanium Maximum Security 2011 Local Exploit
1.Description: The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute arbitrary code within the kernel. An attacker would need...
Trend Micro Titanium Maximum Security 2011 - Local Kernel
Trend Micro Titanium Maximum Security 2011 - Local Kernel / 1.Description: The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute...
Trend Micro Titanium Maximum Security 2011 - Local Kernel
/ 1.Description: The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute arbitrary code within the kernel. An attacker would need...
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite
Exploit for linux platform in category dos / poc ========================================================== Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite ========================================================== / CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kee...