6578 matches found
Ubuntu Update for linux USN-1167-1
Ubuntu Update for Linux kernel vulnerabilities USN-1167-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11671.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1167-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)
Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...
Ubuntu Update for linux-ec2 USN-1161-1
Ubuntu Update for Linux kernel vulnerabilities USN-1161-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11611.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ec2 USN-1161-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Th...
USN-1167-1: Linux kernel vulnerabilities
Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...
USN-1161-1: Linux kernel vulnerabilities (EC2)
Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...
PT-2011-3020 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 and SP2 Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Windows 7 versions Gold and SP1 Description: The issue is related to an integer overflow...
USN-1164-1: Linux kernel vulnerabilities (i.MX51)
Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...
Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)
Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...
Design/Logic Flaw
net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
Design/Logic Flaw
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace
net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace
net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
PT-2011-2917 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to obtain potentially sensitive information from kernel memory. This is achieved by leveraging the CAP NET ADMIN capability to issue a crafted request, and then...
kernel: IB/uverbs: Handle large number of entries in poll CQ
The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...
kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
PT-2012-1507 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to obtain potentially sensitive information from kernel stack memory. This is possible because the do replace function in net/bridge/netfilter/ebtables.c does not...
kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab
The nfs4procsetacl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service panic via a crafted attempt to set an ACL...
FreeBSD sendfile() information leak
If file size it changed content of kernel memory can be disclosured...