CVE-2011-2210

The osfgetsysinfo function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSIGETHWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call...

Integer overflow

Integer signedness error in the osfsysinfo function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...

CVE-2011-2208

Integer signedness error in the osfgetdomainname function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...

CVE-2011-2209

Integer signedness error in the osfsysinfo function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...

PT-2012-1547 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39.4 Description: The issue is related to the osf getsysinfo function in the Linux kernel, which does not properly restrict the data size for GSI GET HWRPB operations. This allows local users to obtain...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4472)

This kernel update fixes the following security problems : - It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x8664 platforms with kernel 2.4.x and 2.6.x before 2.6.22.7 only. CVE-2007-4573 - An information disclosure vulnerability ...

Medium: systemtap

Issue Overview: An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kern...

PT-2012-1085 · Red Hat +2 · Systemtap +3

Name of the Vulnerable Software and Affected Versions: SystemTap versions 1.6, 1.7 and probably other versions SystemTap versions prior to 2.0 Description: The issue allows local users to obtain sensitive information from kernel memory or cause a denial of service via vectors related to crafted...

kernel: security and bugfix update. (important)

The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...

kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking

The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5031 / 5055)

The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.45 and fixes various bugs and security issues. The following security issues have been fixed : - Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access could gain access to...

Juniper Junos Next-Gen MVPN Senario Malformed Message Handling Remote DoS (PSN-2011-10-391)

According to its self-reported version number, the remote Juniper router has a denial of service vulnerability. In a Next Generation MVPN scenario, a kernel memory buffer could get corrupted when the router receives a bootstrap or auto-RP message larger than 204 bytes, causing the kernel to crash...

Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure

// source: https://www.securityfocus.com/bid/57900/info The PowerVR SGX driver in Android is prone to an information-disclosure vulnerability. Successful exploits allows an attacker to gain access to sensitive information. Information obtained may aid in further attacks. Android 2.3.5 and prior...

Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1242-1)

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

kernel: tpm infoleaks

The tpmopen function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors...

USN-1212-1 : linux-ti-omap4 vulnerabilities

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. CVE-2011-0463 Timo Warns discovered that the LDM disk partition handli...

Ubuntu Update for linux-ti-omap4 USN-1202-1

Ubuntu Update for Linux kernel vulnerabilities USN-1202-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12021.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1202-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

kernel: tpm infoleaks

The tpmopen function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors...

kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

CentOS Update for kernel CESA-2009:0001-01 centos2 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...