3 matches found
Linux Kernel locks_remove_flock()本地竞争条件漏洞
BUGTRAQ ID: 33237 CVECAN ID: CVE-2008-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 RHEL4/5内核处理POSIX锁定时fcntl调用可能与关闭相同文件描述符出现竞争,本地攻击者可以利用这个漏洞导致拒绝服务或获得权限提升。 fcntl以如下方式获得POSIX锁定: sysfcntl fget dofcntl fcntlsetlk fput if!count fput locksremoveflock fcntlsetlk调用可能阻塞很长时间,允许同一进程中的其他线程关闭文件描述符: sysclose filpclos...
CVE-2005-3807
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service memory exhaustion via certain Samba activities that cause an fasync entry to be re-allocated by the fcntlsetlease function after the fasync queue has already bee...
CVE-2005-3807
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service memory exhaustion via certain Samba activities that cause an fasync entry to be re-allocated by the fcntlsetlease function after the fasync queue has already bee...