6570 matches found
CVE-2005-0091
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls...
security flaw
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls...
security flaw
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service crash and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores...
security flaw
Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...
CVE-2005-0178
CVE-2005-0178 describes a race condition in the setsid() handling of the Linux kernel before 2.6.8.1. Local users could crash the kernel and potentially access portions of kernel memory related to TTY changes, locking, and semaphores. Affected software: Linux kernel versions prior to 2.6.8.1 (per...
CVE-2005-0178
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service crash and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores...
CVE-2004-0919
The syscons CONSSCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via 1 negative coordinates or 2 large coordinates...
CVE-2004-0919
CVE-2004-0919 affects FreeBSD 5.x where the syscons CONS_SCRSHOT ioctl fails to validate input arguments. The advisory reports boundary/validation errors that may allow a local attacker with console access to read arbitrary kernel memory, potentially exposing sensitive data such as kernel/termina...
CVE-2003-1062
CVE-2003-1062 affects Solaris SYSINFO(2) on SPARC 2.6–9 and x86 2.6,7,8. A local attacker can read kernel memory by exploiting a 0 variable count argument in sysinfo(2), where copyout uses a -1 argument (described as an integer underflow/overflow). The provided sources do not specify a patch vers...
CVE-2003-1062
Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory...
CVE-2005-0180
Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...
CVE-2005-0180
CVE-2005-0180 involves multiple signedness errors in sg_scsi_ioctl (scsi_ioctl.c) of Linux 2.6.x. The flaw lets a local user read or modify kernel memory by passing negative integers to the ioctl, bypassing a maximum-length check before copy_from_user/copy_to_user. Connected advisories (e.g., Man...
Multiple VMware ESX Server problems
Web interface format string bugs and protection bypass, kernel memory access...
CVE-2004-1066
The cmdline pseudofiles in 1 procfs on FreeBSD 4.8 through 5.3, and 2 linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service panic or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2...
CVE-2004-1066
The cmdline pseudofiles in 1 procfs on FreeBSD 4.8 through 5.3, and 2 linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service panic or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2...
CVE-2004-1151
Multiple buffer overflows in the 1 sys32nisyscall and 2 sys32vm86warning functions in sysia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges...
Fedora Core 2 : kernel-2.6.9-1.11_FC2 (2004-581)
A large change over previous kernels has been made. The 4G:4G memory split patch has been dropped, and Fedora kernels now revert back to the upstream 3G:1G kernel/userspace split. A number of security fixes are present in this update. CVE-2004-1016: Paul Starzetz discovered a buffer overflow...
CVE-2004-0919
The syscons CONSSCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via 1 negative coordinates or 2 large coordinates...
CVE-2004-0919
The syscons CONSSCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via 1 negative coordinates or 2 large coordinates...
CVE-2004-2339
Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since...