Denial Of Service (DoS)

The kernel is vulnerable to denial of service DoS. A flaw in the Linux kernel's packet writing driver could be triggered via the PKTCTRLCMDSTATUS IOCTL request, possibly allowing a local, unprivileged user with access to "/dev/pktcdvd/control" to cause an information leak. Note: By default, only...

Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure

No description provided by source. / cve-2010-3437.c Linux Kernel 2.6.36-rc6 pktcdvd Kernel Memory Disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=638085 The PKTCTRLCMDSTATUS device ioctl retrieves a pointer to a...

CVE-2010-3437

Integer signedness error in the pktfinddevfromminor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and system crash via a crafted index value i...

CVE-2010-3437

Integer signedness error in the pktfinddevfromminor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and system crash via a crafted index value i...

Linux kernel 2.6.x PKT_CTRL_CMD_STATUS无效指针引用拒绝服务漏洞

BUGTRAQ ID: 43551 CVE ID: CVE-2010-3437 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的PKTCTRLCMDSTATUS设备ioctl从全局pktdevs数组接收指向pktcdvddevice的指针。到这个数组的索引是由用户提供的有符整形，因此如果提供了负数索引就会导致边界检查失败。 本地攻击者可以利用这个漏洞读取任意内核内存，或由于无效的指针引用而导致崩溃。如果要利用这个漏洞，用户必须拥有打开/dev/pktcdvd/control的权限。 Linux kernel 2.6.x 厂商补丁： Linux...