Windows NT - User Mode to Ring 0 Escalation Vulnerability

No description provided by source. Microsoft Windows NT GP Trap Handler Allows Users to Switch Kernel Stack ------------------------------------------------------------------------- CVE-2010-0232 In order to support BIOS service routines in legacy 16bit applications, the Windows NT Kernel support...

openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9102 / 9104 / 9105)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. ---------------------------------------------------------------------- - WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500...

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9047 / 9050 / 9051)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix various bugs and security issues. ---------------------------------------------------------------------- - WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 revisio...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140312)

A buffer overflow flaw was found in the way the qethsnmpcommand function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their...

Ubuntu: Security Advisory (USN-2138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3009)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3009 advisory. - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247289 CVE-2013-7263 CVE-2013-7265 - inet:...

RHEL 6 : kernel (RHSA-2014:0159)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Kernel: net: leakage of uninitialized memory to user-space via recv syscalls

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, or 3 recvmsg system call, related to net/ipv4/ping.c,...

CVE-2013-4739

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via 1 a crafted MSMMCRIOCTLEVTGET ioctl call, related to...

UBUNTU-CVE-2013-4739

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via 1 a crafted MSMMCRIOCTLEVTGET ioctl call, related to...

Design/Logic Flaw

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via 1 a crafted MSMMCRIOCTLEVTGET ioctl call, related to...

Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure

Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stack data during execve via copy of data from dangling pointer to stack...

CVE-2013-7281

The dgramrecvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2...

DEBIAN-CVE-2013-7264

The l2tpiprecvmsg function in net/l2tp/l2tpip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

CVE-2013-7265

The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

Information disclosure

The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

CVE-2013-7265

The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

CVE-2013-7264

The l2tpiprecvmsg function in net/l2tp/l2tpip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

Design/Logic Flaw

The genlockdevioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive...