SUSE CVE-2010-3080

Double free vulnerability in the sndseqossopen function in sound/core/seq/oss/seqossinit.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device...

Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure

No description provided by source. / cve-2010-3437.c Linux Kernel 2.6.36-rc6 pktcdvd Kernel Memory Disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=638085 The PKTCTRLCMDSTATUS device ioctl retrieves a pointer to a...

Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation

No description provided by source. //source: http://www.vsecurity.com/resources/advisory/20101019-1/ / Linux Kernel = 2.6.36-rc8 RDS privilege escalation exploit CVE-2010-3904 by Dan Rosenberg [email protected] Copyright 2010 Virtual Security Research, LLC The handling functions for sendin...

kernel: CAN info leak

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

Linux Kernel SCTP INIT/INIT-ACK块长度远程拒绝服务漏洞

Bugtraq ID: 47308 Linux是一款开放源代码的操作系统。 在计算INIT/INIT-ACK块长度时，代码只计算了参数长度，而没有计算参数的零填充长度，如AUTH HMACS参数和CHUNKS参数。没有计算零填充长度参数可导致内核触发oops。 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux...

kernel: missing tty ops write function presence check in hci_uart_tty_open()

The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...

kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

CVE-2010-4242

The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...

CVE-2010-3858

The setupargpages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIGSTACKGROWSDOWN is used, does not properly restrict the stack memory consumption of the 1 arguments and 2 environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of...

Linux Kernel 2.6.36-rc4-git2 (x86-64) - ia32syscall Emulation Privilege Escalation

Linux Kernel 2.6.36-rc4-git2 x86-64 - ia32syscall Emulation Privilege Escalation / exploit for x8664 linux kernel ia32syscall emulation again rediscovered by ben hawkes with help from robert swiecki and tavis ormandy original vulnerability discovered by Wojciech Purczynski original exploit by...