kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

kernel: tpm infoleaks

The tpmopen function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors...

CentOS Update for kernel CESA-2009:0001-01 centos2 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Ubuntu Update for linux-ec2 USN-1161-1

Ubuntu Update for Linux kernel vulnerabilities USN-1161-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11611.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ec2 USN-1161-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu Update for linux USN-1167-1

Ubuntu Update for Linux kernel vulnerabilities USN-1167-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11671.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1167-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

USN-1161-1: Linux kernel vulnerabilities (EC2)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...

PT-2011-3020 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 and SP2 Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Windows 7 versions Gold and SP1 Description: The issue is related to an integer overflow...

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

Design/Logic Flaw

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

Design/Logic Flaw

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace

net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace

net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

PT-2011-2917 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to obtain potentially sensitive information from kernel memory. This is achieved by leveraging the CAP NET ADMIN capability to issue a crafted request, and then...

kernel: IB/uverbs: Handle large number of entries in poll CQ

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...

kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...