EUVD-2012-3466

Malware in sbrugna...

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service. A local user is able to crash the system via vectors involving munmap and close system call due to multiple race conditions in the function madviseremove in mm/madvise.c...

Debian DSA-3364-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2015-8215 It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs Router Advertisements, without sufficiently validating...

DSA-3364-1 linux - security update

Bulletin has no description...

Debian Security Advisory DSA 3364-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2015-0272 It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs Router Advertisements, without sufficiently validating...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2043)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-2043 advisory. - hugepages: fix use after free bug in 'quota' handling Orabug: 15845276 CVE-2012-2133 - udf: Fortify loading of sparing table Orabug: 15845302...

Oracle Linux 6 : kernel (ELSA-2012-1426)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-1426 advisory. - mm hugetlb: do not use vmahugecacheoffset for vmapriotreeforeach Frederic Weisbecker 843034 843035 CVE-2012-2133 - mm hugepages: fix use after free b...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2044)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-2044 advisory. - hugepages: fix use after free bug in 'quota' handling 15842385 CVE-2012-2133 - mm: Hold a file reference in madviseremove 15842884 CVE-2012-3511 ...

Unbreakable Enterprise kernel security update

2.6.32-300.39.1 - hugepages: fix use after free bug in 'quota' handling 15842385 CVE-2012-2133 - mm: Hold a file reference in madviseremove 15842884 CVE-2012-3511 - udf: Fortify loading of sparing table 15843730 CVE-2012-3400 - udf: Avoid run away loop when partition table length is corrupt...

Unbreakable Enterprise kernel security update

2.6.39-300.17.2 - hugepages: fix use after free bug in 'quota' handling Orabug: 15845276 CVE-2012-2133 - udf: Fortify loading of sparing table Orabug: 15845302 CVE-2012-3400 - udf: Avoid run away loop when partition table length is corrupt Orabug: 15845302 CVE-2012-3400 - mm: Hold a file referenc...

Race condition

Multiple race conditions in the madviseremove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service use-after-free and system crash via vectors involving a 1 munmap or 2 close system call...

CVE-2012-3511

Multiple race conditions in the madviseremove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service use-after-free and system crash via vectors involving a 1 munmap or 2 close system call...

CVE-2012-3511

The CVE-2012-3511 entry maps to the Linux kernel issue in mm/madvise.c: madvise_remove contains race conditions that can be exploited locally to trigger use-after-free and kernel crash, resulting in denial of service via munmap or close. Affected lineage includes kernels before 3.4.5; patches add...

Linux Kernel 'madvise_remove()'函数本地拒绝服务漏洞

BUGTRAQ ID: 55151 CVE ID: CVE-2012-3511 Linux Kernel其基础为linux平台，linux为C语言编写的内核，基于此内核又衍生出了具体的Red hat linux 、open suse linux等具体的操作系统，一套基于Linux内核的完整操作系统叫作Linux操作系统，或是GNU/Linux。 Linux Kernel在 "madviseremove" 函数的实现上存在释放后重用漏洞，可被恶意本地用户利用造成引用已经释放的内存。 0 Linux kernel 3.4.x Linux kernel 3.2.x Linux kernel...

CVE-2006-1524

madviseremove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADVREMOVE vulnerability. NOTE: this description was originally written in a way tha...

Code injection

madviseremove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADVREMOVE vulnerability. NOTE: this description was originally written in a way tha...

CVE-2006-1524

madviseremove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADVREMOVE vulnerability. NOTE: this description was originally written in a way tha...

CVE-2006-1524

The MADV_REMOVE issue (CVE-2006-1524) affects Linux kernel 2.6.16 up to 2.6.16.6, where madvise_remove does not enforce file/mmap restrictions, enabling a local user to bypass IPC permissions and overwrite portions of readonly tmpfs files with zeros. The problem is tied to the mprotect-related fl...