MiracleLinux 3 : kernel-2.6.18-308.1.AXS3 (AXSA:2012-487:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-487:03 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

SUSE CVE-2011-2942

A certain Red Hat patch to the brdeliver function in net/bridge/brforward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5 allows remote attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by leveraging...

Linux Kernel 2.6.18 move_pages() Information Leak

/ sieve because the Linux kernel leaks like one, get it? Bug NOT discovered by Marcus Meissner of SuSE security This bug was discovered by Ramon de Carvalho Valle in September of 2009 The bug was found via fuzzing, and on Sept 24th I was sent a POC DoS for the bug but had forgotten about it until...

CVE-2013-0231

The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are...

CVE-2013-0231

The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are...

CVE-2013-0231

CVE-2013-0231 is discussed in connected advisories as affecting the Xen PCI backend: the pciback_enable_msi function in drivers/xen/pciback/conf_space_capability_msi.c on Linux kernels 2.6.18 and 3.8 allows guest OS users with PCI device access to trigger a denial of service by generating a large...

Linux kernel-2.6.18-6 x86 Local Root Exploit

Exploit for linux platform in category local exploits / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 0...

CVE-2010-4238

The vbdcreate function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5 is used, allows guest OS users to cause a denial of service host OS panic via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained fr...

CVE-2010-4247

The doblockioop function in 1 drivers/xen/blkback/blkback.c and 2 drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service infinite loop and CPU consumption via a large production request index to...

CVE-2010-4161

The udpqueuercvskb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows attackers to cause a denial of service deadlock and system hang by sending UDP traffic to a socket that has a crafted socket filter, a related issue to...

Design/Logic Flaw

arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742...

CVE-2009-3556

A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when NPort ID Virtualization NPIV hardware is used, sets world-writable permissions for the 1 vportcreate and 2 vportdelete files under /sys/class/scsihost/, which allows loc...

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5 allows remote attackers to cause a denial of service deadlock via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chai...

Linux Kernel 2.6.18 < 2.6.18-20 - Local Privilege Escalation

/ Author: DigitALL Version: 2.6.18-20 Tested on: Linux System Greetz To: Zombie KroNicKq and All 1923turk.Biz Members Code : 2.6.18 2008 Exploit's s Edited 2009 Version.I Am Tested 2.6.18-20 2009 Linux is Rooted.Coming Soon.By DigitALL EDB Note: Adding include may help it compile / define GNUSOUR...

Design/Logic Flaw

The ptracestart function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the docoredump function, which allows local users to cause a denial of service deadlock via vectors involving the ptrace system call and a coredumping thread...

Linux Kernel 'SCTP'模块存在漏洞

BUGTRAQ ID: 31121 CVE ID：CVE-2008-3792 CNCVE ID：CNCVE-20083792 Linux是一款开放源代码的操作系统。 Linux内核'SCTP'模块存在多个安全问题，本地攻击者可以利用漏洞获得敏感信息或使内核崩溃。 问题代码如下： file: net/sctp/socket.c ... SCTPSTATIC int sctpgetsockoptstruct sock sk, int level, int optname, char user optval, int user optlen int retval = 0; int len;...

CVE-2008-2358

Integer overflow in the dccpfeatchange function in net/dccp/feat.c in the Datagram Congestion Control Protocol DCCP subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow...

CVE-2007-5498

The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service host OS crash via a request that specifies a large number of blocks...

CVE-2008-1615

Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service crash via certain ptrace calls...