Linux内核"/proc"竞态条件权限增大漏洞

Secunia Advisory:SA21041 Linux内核被报告一个漏洞，该漏洞可被恶意本地用户操作获得更大的是用权限。 该漏洞是由改变文件属性时存在于"/proc"中的竞态条件引起的。 成功操作允许使用根权限执行任意代码。 该漏洞已经在先前版本至版本2.6.17.5中被报告。 Linux Kernel 2.6.x 升级至版本2.6.17.5或更新。 http://kernel.org/...

Information disclosure

The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information...

Design/Logic Flaw

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc...

CVE-2008-0163

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc...

CVE-2008-0163

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc...

Linux kernel multiple security vulnerabilities

Kernel memory access with vmsplice syscall, access between virtual machines with /proc...

Debian DSA-1494-2 : linux-2.6 - missing access checks

The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges CVE-2008-0010, CVE-2008-0600 . In the vserver-enabled kernels, a missing access check on certain symlinks ...

DSA-1494-1 linux-2.6 - privilege escalation

Bulletin has no description...

Linux Kernel 2.6.23 2.6.24 - vmsplice Local Privilege Escalation (1)

Linux Kernel 2.6.23 2.6.24 - vmsplice Local Privilege Escalation 1 / dianelanefuckedhard.c Linux vmsplice Local Root Exploit By qaaz Linux 2.6.23 - 2.6.24 / define GNUSOURCE include include include include include include define TARGETPATTERN " sysvm86old" define TARGETSYSCALL 113 ifndef NRvmspli...

/proc/cpuinfo DoS on some ppc machines

The chrpshowcpuinfo function chrp/setup.c in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service crash via unknown vectors that cause the ofgetproperty function to fail, which triggers a NULL pointer dereference...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4471)

This kernel update fixes the following security problems : - It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x8664 platforms with kernel 2.4.x and 2.6.x before 2.6.22.7 only. CVE-2007-4573 - An information disclosure vulnerability ...

ALSA memory disclosure flaw

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

ALSA memory disclosure flaw

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

Linux Kernel ALSA驱动snd-page-alloc本地Proc文件信息泄露漏洞

BUGTRAQ ID: 25807 CVECAN ID: CVE-2007-4571 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux系统的ALSA声卡驱动实现上存在漏洞，本地攻击者可能利用此漏洞获取内核内存中的敏感信息。 Linux Kernel在处理多个/proc/driver/snd-page-alloc文件的读操作时存在安全漏洞，sound/core/memalloc.c文件中如下定义了读操作的系统调用sndmemprocread： 484 static int sndmemprocreadchar page, char start, offt of...

CVE-2007-4571

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

Code injection

The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service kernel panic by reading /proc/net/atm/arp before the CLIP module has been loaded...

CVE-2007-5087

The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service kernel panic by reading /proc/net/atm/arp before the CLIP module has been loaded...

Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure

Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure / source: https://www.securityfocus.com/bid/25774/info / The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitati...

DEBIAN-CVE-2007-1743

suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...

CVE-2007-1743

suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...