PT-2011-4187 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.1-rc3 Description: The issue is related to the befs follow link function in fs/befs/linuxvfs.c, which does not validate the length attribute of long symlinks. This allows local users to cause a denial of servi...

Linux Kernel OOPS "qdisc_dev()"引用远程拒绝服务漏洞

BUGTRAQ ID: 48641 CVE ID: CVE-2011-2525 Linux Kernel是Linux操作系统的内核。 Linux Kernel在qdiscdev引用的实现上存在远程拒绝服务漏洞，本地攻击者可利用此漏洞造成内核崩溃。 不应为内建qdisc调用tcfillqdisc或使其引用空指针以获取设备ifindex。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.kernel.org/...

UBUNTU-CVE-2011-2518

The tomoyomountacl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kernpath function with arguments taken directly from a mount system call, which allows local users to cause a denial of service OOPS or possibly have unspecified other impact via a NULL value for...

CVE-2011-2493

The ext4fillsuper function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service OOPS by attempting to mount a crafted ext4 filesystem...

kernel: corrupted GUID partition tables can cause kernel oops

Heap-based buffer overflow in the isgptvalid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service OOPS or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on...

[PRE-SA-2011-04] Heap overflow in EFI partition handling code of the Linux kernel

PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2011-04 Released on: 10 May 2011 Last updated on: 10 May 2011 Affected product: Linux Kernel 2.4 and 2.6 Impact: information disclosure, denial-of-service Origin: storage devices Credit: Timo Warns PRESENSE Technologies GmbH C...

Linux Kernel EFI分区拒绝服务漏洞

Bugtraq ID: 47343 Linux是一款开放源代码的操作系统。 不管是否启用了自动安装，Linux内核会自动评测存储设备的分区表。评测EFI GUID分区表存在一个缓冲区溢出，可导致内核触发oops而崩溃。 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux kernel 2.6.34 Linux...

Design/Logic Flaw

The ldmparsevmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service divide-by-zero error and OOPS via a crafted partition table...

CVE-2011-1012

CVE-2011-1012 affects the Linux kernel, in particular the LDM partition handling. The flaw lies in ldm_parse_vmdb in fs/partitions/ldm.c, which does not validate the VBLK size in the VMDB structure of an LDM partition table. A crafted partition table can trigger a divide-by-zero and cause a kerne...

CVE-2011-1012

The ldmparsevmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service divide-by-zero error and OOPS via a crafted partition table...

[SECURITY] [DSA 2153-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2153-1 [email protected] http://www.debian.org/security/ dann frazier January 30, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2153-1] linux-2.6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2153-1 [email protected] http://www.debian.org/security/ dann frazier January 30, 2011 http://www.debian.org/security/faq -...

DSA-2153-1 linux-2.6 - several issues

Bulletin has no description...

Fedora 14 : java-1.6.0-openjdk-1.6.0.0-50.1.9.4.fc14 (2011-0521)

Wed Jan 5 2011 Jiri Vanek - 1:1.6.0.0-50.1.9.4 - Updated to IcedTea 1.9.4 - Wed Dec 1 2010 Deepak Bhole - 1:1.6.0.0-49.1.9.3 - Updated to IcedTea 1.9.3 - Re-enable Compressed Oops by default as upstream bug 7002666 is fixed - Tue Nov 30 2010 Deepak Bhole - 1:1.6.0.0-49.1.9.2 - Update to IcedTea...

kernel security and bug fix update

2.6.9-89.35.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

CVE-2010-3849

CVE-2010-3849 affects the Linux kernel’s econet_sendmsg path (net/econet/af_econet.c) prior to 2.6.36.2, when an Econet address is configured. A local user can trigger a denial of service by issuing a sendmsg with a NULL remote address, causing a NULL pointer dereference and OOPS. The correspondi...

CVE-2010-4342

Vulnerability (CVE-2010-4342) in the Linux kernel affects the AUN path when Econet is enabled. The flaw is in the aun_incoming function (net/econet/af_econet.c) and allows remote attackers to trigger a NULL pointer dereference and kernel OOPS, causing a denial of service via UDP-based Acorn Unive...

CVE-2010-4342

The aunincoming function in net/econet/afeconet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by sending an Acorn Universal Networking AUN packet over UDP...

Linux Kernel 2.6.37 (RedHat Ubuntu 10.04) - Full-Nelson.c Local Privilege Escalation

Linux Kernel 2.6.37 RedHat Ubuntu 10.04 - Full-Nelson.c Local Privilege Escalation / Linux Kernel = 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which...

CVE-2010-4165

CVE-2010-4165 affects the Linux kernel prior to 2.6.37-rc2. The do_tcp_setsockopt function does not properly constrain TCP_MAXSEG (MSS) values, allowing a local user to trigger a denial of service via a setsockopt with a small value, leading to a divide-by-zero or signed-integer misuse. Evidence ...