AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%

A security issue in Linux ASLR implementation which affects some AMD processors has been found. The issue affects to all Linux process even if they are not using shared libraries statically compiled. The problem appears because some mmapped objects VDSO, libraries, etc. are poorly randomized in a...

CVE-2014-2613

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors...

iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability

iDefense Security Advisory 02.01.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 01, 2010 I. BACKGROUND RealPlayer is an application for playing various media formats, developed by RealNetworks Inc. Since late 2003, Real Player has been based on the open-source Helix Player. More...

CVE-2008-4966

linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/snap and b /tmp/nightly temporary files, related to the 1 maysnap and 2 maytest scripts...

Code injection

linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/snap and b /tmp/nightly temporary files, related to the 1 maysnap and 2 maytest scripts...

SUS 2.0.2 local root vulnerability

LSS Security Advisories http://security.lss.hr --- Title : SUS 2.0.2 local root vulnerability Advisory ID : LSS2004-09-01 Date : September 14th, 2004 Advisory URL: : http://security.lss.hr/index.php?page=details&ID=LSS-2004-09-01 Impact : Any user can obtain root privileges Risk level : High...

patch_for_ipc_vuln.txt

Subject: Re: KKIS19990914.004b: ShareDream - shared memory - ipc vulnerability To: [email protected] Attached is a trivial Linux-2.2.12 patch wich adds add a procfs entry for tuning the limit of shared memory allocable. /proc/sys/kernel/shmmax Max number of shared memory pages Attached is...

AMD K6 Processor - Denial of Service

source: https://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start, %edi / S1 / cmpb 0x80000000%edi,%dl ...