kernel: xfs swapext ioctl minor security issue

The xfsswapext function in fs/xfs/xfsdfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file...

QQ Computer Manager DoS

Crash on IOCTL processing...

Avast! Internet Security 5.0 - aswFW.sys Kernel Driver IOCTL Memory Pool Corruption

Avast! Internet Security 5.0 - aswFW.sys Kernel Driver IOCTL Memory Pool Corruption +-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption |...

Avast! Internet Security 5.0 Denial Of Service

+-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption | +-------------------------------------------------------------------------------------+ Tested Platform: Avast! Internet...

Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption

No description provided by source. +-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption | +-------------------------------------------------------------------------------------...

Avast! 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption

Exploit for windows platform in category dos / poc ================================================================================= Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption =================================================================================...

kernel: GFS2: The setflags ioctl() doesn't check file ownership

The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...

Linux Kernel XFS实现xfs_swapext()函数本地信息泄露漏洞

BUGTRAQ ID: 40920 CVE ID: CVE-2010-2226 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的fs/xfs/xfsdfrag.c文件中的xfsswapext函数没有正确地验证访问权限，本地用户可以通过提交特制的 IOCTL请求将属于其他用户的只读文件的内容交换到自己可读的文件中，导致泄漏敏感信息。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Microsoft Windows OpenType Compact Font Format driver memory corruption

Memory corruption on IOCTL processing...

CVE-2010-1636

The CVE-2010-1636 issue affects the Linux kernel’s btrfs_ioctl_clone path (fs/btrfs/ioctl.c) where cloned file descriptors are not guaranteed to be opened for reading, allowing local users to read from a write-only descriptor. Affected: 2.6.29–2.6.32 (and possibly other versions). Impact: potenti...

CVE-2010-1636

The btrfsioctlclone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only...

PT-2010-3298 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.29 through 2.6.32 Description: The issue arises from the btrfs ioctl clone function in fs/btrfs/ioctl.c, which does not verify if a cloned file descriptor is opened for reading. This oversight allows local users to...

CVE-2010-1641

The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...

Design/Logic Flaw

The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...

CVE-2010-1641

CVE-2010-1641 affects the Linux kernel’s gfs2 file operations. MiracleLinux AXSA-2010-377:12 notes the affected kernel (2.6.18-194.3.AXS3) and flags that do_gfs2_set_flags does not verify file ownership, allowing local bypass via a SETFLAGS ioctl. The vulnerability corresponds to Linux kernels be...

CVE-2010-1641

The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...

Kingsoft WebShield privilege escalation

Kernel memory overwrite on IOCTL processing...

CVE-2010-2031

KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...

CVE-2010-2031

CVE-2010-2031 affects KAVSafe.sys 2010.4.14.609 and earlier (used with Kingsoft Webshield 3.5.1.2 and earlier). It allows local users to overwrite arbitrary kernel memory via a crafted IOCTL 0x830020d4 request to the KAVSafe device. The NVD entry documents a local-exploit scenario with a CVSSv2 b...

Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass

Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass / source: https://www.securityfocus.com/bid/40241/info The Linux Kernel is prone to a security-bypass vulnerability that affects the Btrfs filesystem implementation. An attacker can exploit this issue to clone a file only open for writing. Th...