12 matches found
CVE-2024-42318
A vulnerability was found in the Linux kernel's axichanhandleerr function, which caused a kernel panic due to NULL pointer dereferencing. This issue has been fixed. The update protects the vd variable to prevent such crashes. The axichanblockxfercomplete function was used as a reference for this...
CVE-2024-42318 landlock: Don't lose track of restrictions on cred_transfer
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on credtransfer When a process' cred struct is replaced, this almost always invokes the credprepare LSM hook; but in one special case when KEYCTLSESSIONTOPARENT updates the parent's...
CVE-2024-42318 landlock: Don't lose track of restrictions on cred_transfer
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on credtransfer When a process' cred struct is replaced, this almost always invokes the credprepare LSM hook; but in one special case when KEYCTLSESSIONTOPARENT updates the parent's...
CVE-2024-42318
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on credtransfer When a process' cred struct is replaced, this almost always invokes the credprepare LSM hook; but in one special case when KEYCTLSESSIONTOPARENT updates the parent's...
CVE-2024-42318 landlock: Don't lose track of restrictions on cred_transfer
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on credtransfer When a process' cred struct is replaced, this almost always invokes the credprepare LSM hook; but in one special case when KEYCTLSESSIONTOPARENT updates the parent's...
SUSE CVE-2010-2960
The keyctlsessiontoparent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via...
CVE-2011-2184
The keyreplacesessionkeyring function in security/keys/processkeys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a...
Null pointer dereference
The keyreplacesessionkeyring function in security/keys/processkeys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a...
CVE-2010-2960
The keyctlsessiontoparent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via...
Null pointer dereference
The keyctlsessiontoparent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via...
CVE-2010-2960
CVE-2010-2960 affects Linux kernel 2.6.35.4 and earlier: the keyctl_session_to_parent function assumes a parent session keyring exists, allowing local users to cause a NULL pointer dereference and system crash (denial of service) via a KEYCTL_SESSION_TO_PARENT argument. Root cause pertains to ses...
Linux kernel 2.6.x keyctl_session_to_parent()函数空指针引用漏洞
BUGTRAQ ID: 42932 CVE ID: CVE-2010-2960 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的security/keys/keyctl.c文件中的keyctlsessiontoparent函数存在空指针应用错误,本地用户可以以KEYCTLSESSIONTOPARENT调用keyctl来触发这个漏洞,导致拒绝服务的情况。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...