Oracle Linux 5 : kernel (ELSA-2010-0723)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0723 advisory. - misc make compatallocuserspace incorporate the accessok Don Howard 634463 634464 CVE-2010-3081 - fs xfs: fix missing untrusted inode lookup tag Dave...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2015 advisory. - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set CVE-2011-1573 - dccp: fix oops on Reset after close CVE-2011-1093 - bridge:...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2520)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2520 advisory. - mm/hotplug: correctly add new zone to all other nodes' zone lists Jiang Liu Orabug: 16603569 CVE-2012-5517 - ptrace: ptraceresume shouldn't wake ...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1900-1)

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compa...

CVE-2013-2164

The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...

DEBIAN-CVE-2013-2164

The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...

Ubuntu Update for linux-ti-omap4 USN-1882-1

Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN18821.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux-ti-omap4 USN-1882-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...

Ubuntu: Security Advisory (USN-1883-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak

Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak !/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel...

Cisco ASA < 8.4.4.6 < 8.2.5.32 - Ethernet Information Leak

!/usr/bin/env python CVE-2003-0001 'Etherleak' exploit ================================= Exploit for hosts which use a network device driver that pads ethernet frames with data which vary from one packet to another, likely taken from kernel memory, system memory allocated to the device driver, or...

CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

CVE-2013-2148

The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...

DEBIAN-CVE-2013-2141

The dotkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a 1 tkill or 2 tgkill system call...

CVE-2013-2141

CVE-2013-2141 affects the Linux kernel; the do_tkill function in kernel/signal.c of kernels before 3.8.9 does not initialize a data structure, enabling local attackers to read sensitive kernel memory via crafted tkill/tgkill calls. Affected contexts are documented in MiracleLinux/OpenVAS advisori...

CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

UBUNTU-CVE-2013-2148

The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...

CVE-2013-2141

The dotkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a 1 tkill or 2 tgkill system call...

UBUNTU-CVE-2013-2141

The dotkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a 1 tkill or 2 tgkill system call...

Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...