kernel: gfs2 buffer overflow

gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2quota struct occupies two separate pages, which allows local users to cause a denial of service kernel panic via certain manipulations that cause an out-of-bounds write, as demonstrated by writing...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

kernel: nfsv4: kernel panic in nfs4_proc_lock()

The nfs4proclock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service NULL pointer dereference and panic by sending a certain response containing incorrect file attributes, which trigger attempted use of an...

kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which...

Out-of-bounds

gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2quota struct occupies two separate pages, which allows local users to cause a denial of service kernel panic via certain manipulations that cause an out-of-bounds write, as demonstrated by writing...

kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

rPSA-2010-0037-1 kernel

rPath Security Advisory: 2010-0037-1 Published: 2010-05-07 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 2 Rating: Minor Exposure Level Classification: Remote Denial of Service Updated Versions: kernel=conary.rpath.com@rpl:2/2.6.29.6-0.9-1...

kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores...

Local kernel 2.6.2x kernel panic via pthread

Exploit for linux platform in category local exploits ============================================ Local kernel 2.6.2x kernel panic via pthread ============================================ Exploit Title: Pthread Local Kernel 2.6.2x Kernel Panic Exploit Date: 20 April 2010 Author: mywisdom...

gfs-kmod security, bug fix and enhancement update

0.1.34-12 - Fixes a problem where improper locking commands can crash the system. - Resolves: rhbz571298 0.1.34-11 - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message with flocks on gfs file - Resolves: rhbz515717 0.1.34-10 - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message...

CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

CVE-2010-1188

CVE-2010-1188 details (mode C): A use-after-free in net/ipv4/tcp_input.c of the Linux kernel 2.6 prior to 2.6.20. When IPV6_RECVPKTINFO is set on a listening TCP socket, a SYN packet to a LISTEN socket can trigger the skb being freed improperly, allowing a remote attacker to cause a denial of ser...

CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

Moderate: Red Hat Security Advisory: GFS security and bug fix update

Updated GFS packages that fix one security issue are now available for Red Hat Enterprise Linux 3.9, kernel release 2.4.21-63.EL. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Linux Kernel SCTP FWD-TSN Handling Buffer Overflow (CVE-2009-0065)

Linux is a popular open-source operating system in which the kernel and other programs related to the operating systems are developed by a group of volunteers. The Linux network protocol stack provides support for Stream Control Transmission Protocol SCTP in addition to more popular transport...

CVE-2010-0148

Cisco Security Agent 5.2 on Linux is affected by a DoS vulnerability (CVE-2010-0148) that can trigger a kernel panic by sending a series of TCP packets. The issue is part of multiple vulnerabilities disclosed in Cisco Security Agent Management Center advisories; the DoS affects Cisco Security Age...

CVE-2010-0561

Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service kernel panic via a negative mixer index number being passed to 1 the azaliaquerydevinfo function in the azalia audio driver src/sys/dev/pci/azalia.c or 2 the...

Integer overflow

Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service kernel panic via a negative mixer index number being passed to 1 the azaliaquerydevinfo function in the azalia audio driver src/sys/dev/pci/azalia.c or 2 the...