181 matches found
Linux Kernel 2.6.x pipe.c Local Privilege Escalation Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges...
CVE-2013-4736
Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...
CVE-2013-4736
Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to cause a denial of service system crash via a large number of...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2033)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2033 advisory. - ipv6: make fragment identifications less predictable Joe Jin CVE-2011-2699 - vlan: fix panic when handling priority tagged frames Joe Jin...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2037)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2037 advisory. - netdrv be2net: Merge fixes for CVE-2011-3347 Joe Jin Tenable has extracted the preceding description block directly from the Oracle Linux securit...
SuSE 11.1 Security Update : net-snmp (SAT Patch Number 6517)
This update to net-snmp resolves the following issues : - Specially crafted SNMP GET requests could cause a denial of service application crash via a heap-based out-out-bounds read flaw which could be exploited remotely. CVE-2012-2141 - The snmpd agent should read shared memory information from...
Linux Kernel 2.6.x /proc Rootkit Backdoor (Unix/Darbe-A)
Linux Kernel 2.6.x /proc rootkitUnix/Darbe-A Date: ===== 2012-11-21 Introduction: ============= Unix/Darbe-A is a new kernel rootkit based /proc file system., modification is made in order to support kernel 2.6.x Detected ========...
Buffer overflow
Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...
Code injection
The cleanupjournaltail function in the Journaling Block Device JBD functionality in the Linux kernel 2.6 allows local users to cause a denial of service assertion error and kernel oops via an ext3 or ext4 image with an "invalid log first block value."...
CVE-2011-4077
CVE-2011-4077 is a Linux kernel XFS-related vulnerability described in the provided documents as a buffer overflow in the xfs_readlink function (fs/xfs/xfs_vnodeops.c) when CONFIG_XFS_DEBUG is disabled. The issue affects Linux kernel 2.6 with XFS, allowing a local attacker to cause memory corrupt...
kernel: keys: NULL pointer deref in the user-defined key type
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
Linux系统kexec-tools mkdumprd工具信息泄露漏洞
BUGTRAQ ID: 50415 CVE ID: CVE-2011-3589 Linux是自由电脑操作系统内核。 Linux系统的mkdumprd工具在实现上存在本地信息泄露漏洞,本地攻击者可利用此漏洞获取敏感信息 Linux kernel 3.x Linux kernel 2.6.x RedHat Enterprise Linux Workstation 6 RedHat Enterprise Linux Server 6 RedHat Enterprise Linux HPC Node 6 RedHat Enterprise Linux Desktop 6 厂商补丁: Linux...
Linux系统kexec-tools "kdump/mkdumprd"信息泄露漏洞
BUGTRAQ ID: 50420 CVE ID: CVE-2011-3590 Linux是自由电脑操作系统。 Linux系统的kdump/mkdumprd工具在实现上存在本地信息泄露漏洞,本地攻击者可利用此漏洞获取敏感信息,例如根用户使用的ssh密钥。 Linux kernel 3.x Linux kernel 2.6.x RedHat Enterprise Linux Workstation 6 RedHat Enterprise Linux Server 6 RedHat Enterprise Linux HPC Node 6 RedHat Enterprise Linux...
UBUNTU-CVE-2011-2203
The hfsfindinit function in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and Oops by mounting an HFS file system with a malformed MDB extent record...
CVE-2011-1162
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...
kernel: keys: NULL pointer deref in the user-defined key type
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
Linux GNU Debugger "debug_gdb_scripts"加载任意代码执行漏洞
BUGTRAQ ID: 50829 CVE ID: CVE-2011-4355 Linux是自由电脑操作系统内核,Linux所带的GNU Debugger gdb工具实现上存在漏洞,在定义了.debuggdbscripts后,gdb会从当前目录加载可疑文件,造成以当前用户权限执行任意代码。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.kernel.org/...
CVE-2011-4330
Stack-based buffer overflow in the hfsmac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service crash and possibly execute arbitrary code via an HFS image with a crafted len field...
CVE-2011-4110
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
kernel: tpm: infoleak
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...