IPComp - encapsulation Kernel Memory Corruption

IPComp - encapsulation Kernel Memory Corruption // source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload -------------------------------------------------------------------------------...

IPComp encapsulation nested payload vulnerability

Overview Some IPComp implementations may contain a kernel memory corruption vulnerability in their handling of nested encapsulation of IPComp payloads. Description RFC 3173 defines the IP Payload Compression Protocol IPComp as:IP payload compression is a protocol to reduce the size of IP datagram...

IPComp - encapsulation Kernel Memory Corruption

// source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload ------------------------------------------------------------------------------- Gruezi, this document describes CVE-2011-1547. RFC31...

kernel: CAN info leak

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1)

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...

USN-1074-2: Linux kernel vulnerabilities

Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...

Ubuntu Update for linux vulnerabilities USN-1072-1

Ubuntu Update for Linux kernel vulnerabilities USN-1072-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10721.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux vulnerabilities USN-1072-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1071-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. CVE-2010-3086 Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signednes...

Ubuntu: Security Advisory (USN-1057-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1057-1: Linux kernel vulnerabilities

Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. CVE-2010-2943 Dan Rosenberg discover...

[SECURITY] [DSA 2153-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2153-1 [email protected] http://www.debian.org/security/ dann frazier January 30, 2011 http://www.debian.org/security/faq -...

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3068 / 3069 / 3070)

This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes. Notable larger bugfixes and changes : - 603464: Fix system freezewhen doing a network crashdump with a netxennic driver - 610828: Avoid kernel failure on connects/disconnects to a novel...

kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory

The sndhdsphwdepioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRVHDSPIOCTLGETCONFIGINFO ioctl call...

kernel: ipc/compat*.c: reading uninitialized stack memory

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the 1 compatsyssemctl, 2 compatsysmsgctl, and 3 compatsysshmctl functions in...

kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads

fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the 1 arguments and 2 environment, which allows local users to cause a denial of service memory consumption via a crafted exec system call, aka an "OOM dodging issue," a...

kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak

The xfsiocfsgetxattr function in fs/xfs/linux-2.6/xfsioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call...

kernel: drivers/serial/serial_core.c: reading uninitialized stack memory

The uartgetcount function in drivers/serial/serialcore.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

Silicon Graphics Inc (SGI) - IRIX - Local Kernel Memory Disclosure/Denial of Service

===============================ADVISORY=============================== Advisory: Silicon Graphics Inc SGI - IRIX - Local Kernel Memory Disclosure/Denial of Service Advisory ID: DSEC-2010-0001 Author: Neil Kettle, Digit Security Ltd Affected Software: Silicon Graphics SGI IRIX Vendor URL:...

SuSE Update for kernel SUSE-SA:2010:039

Check for the Version of kernel OpenVAS Vulnerability Test SuSE Update for kernel SUSE-SA:2010:039 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...