6589 matches found
Re: [oss-security] CVE Request: Linux kernel ALSA core control API vulnerabilities
Hi, The mail that was send by Lars-Peter to the ALSA developers. Takashi Tiwai gave approval to forward it here. Ciao, Marcus ------------------------------------------------------------------- Subject: PATCH 0/5 Use-after-free and out-of-bounds acccess vulnerabilities in the ALSA control code...
CVE-2014-0206
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
DEBIAN-CVE-2014-0206
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
Design/Logic Flaw
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
CVE-2014-0206
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
CVE-2014-0206
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
UBUNTU-CVE-2014-0206
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...
kernel: aio: insufficient sanitization of head in aio_read_events_ring()
Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
CVE-2014-1739
The mediadeviceenumentities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIAIOCENUMENTITIES ioctl...
Information disclosure
The mediadeviceenumentities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIAIOCENUMENTITIES ioctl...
CVE-2014-1739
The mediadeviceenumentities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIAIOCENUMENTITIES ioctl...
CVE-2014-1739
CVE-2014-1739 affects the Linux kernel before 3.14.6, where the function media_device_enum_entities in drivers/media/media-device.c fails to initialize a data structure. This leads to an information disclosure vulnerability: a local attacker with access to /dev/media0 can read kernel memory throu...
UBUNTU-CVE-2014-1739
The mediadeviceenumentities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIAIOCENUMENTITIES ioctl...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...