FreeBSD-SA-12:08.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:08.linux Security Advisory The FreeBSD Project Topic: Linux compatibility layer input validation error Category: core Module: kernel Announced: 2012-11-22...

PT-2012-4086 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...

UBUNTU-CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

DEBIAN-CVE-2012-3510

Use-after-free vulnerability in the xacctaddtsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service system crash via a taskstats TASKSTATSCMDATTRPID command...

CVE-2012-3510

Use-after-free vulnerability in the xacctaddtsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service system crash via a taskstats TASKSTATSCMDATTRPID command...

kernel: recv{from,msg}() on an rds socket can leak kernel memory

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

RHEL 6 : kernel (RHSA-2012:1304)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1304 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: An...

CVE-2012-3729

The Berkeley Packet Filter BPF interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface...

Design/Logic Flaw

The Berkeley Packet Filter BPF interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface...

CVE-2012-3729

CVE-2012-3729 is a kernel vulnerability in Apple iOS (pre-6) related to the Berkeley Packet Filter (BPF) interpreter. The issue is an uninitialized memory access in the kernel’s BPF path, which could allow a local attacker to read kernel memory layout information via a crafted BPF program. The vu...

Ubuntu: Security Advisory (USN-1515-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-1160

The tpmopen function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors...

CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

UBUNTU-CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

Design/Logic Flaw

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

CVE-2011-1160

Technical details for CVE-2011-1160 are not publicly available in the supplied connected documents. The initial description identifies a kernel memory info leak in tpm_open (Linux kernel

CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

PT-2012-1502 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: The issue allows local users with root privileges to modify arbitrary kernel memory locations by writing to the /sys/kernel/debug/acpi/custom method file. This is due to an incomplete fix for a...

CVE-2011-2208

Integer signedness error in the osfgetdomainname function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...