openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

Debian DSA-2582-1 : xen - several vulnerabilities

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25and 28 are not fixed by this update and should be fixed in...

HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak

ISSUE DESCRIPTION The HVMOPsetmemaccess operation handler uses an input as an array index before range checking it. IMPACT A malicious guest administrator can cause Xen to crash. If the out of array bounds access does not crash, the arbitrary value read will be used if the caller reads back the...

openSUSE Security Update : kernel (openSUSE-SU-2010:1047-1)

This security update of the openSUSE 11.1 kernel updates the kernel to 2.6.27.56 and fixes various security issues and other bugs. Following security issues were fixed by this update: CVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device...

openSUSE 10 Security Update : kernel (kernel-5751)

This kernel update fixes various bugs and also several security issues : CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3833: The genericfilesplicewrite function in...

openSUSE 10 Security Update : kernel (kernel-5700)

The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3528: The ext234 filesystem code fail...

DSA-1137-1 tiff - several vulnerabilities

Bulletin has no description...

security flaw

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

CVE-2005-0815

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

security flaw

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 9 August 2005 The advisory text has been updated to show that this update fixed...

iso9660handler.txt

Good morning, There appears to be a fair number of kernel-level range checking flaws in ISO9660 filesystem handler and Rock Ridge / Juliet extensions in Linux up to and including 2.6.11. These bugs range from DoS conditions to potentially exploitable memory corruption - all this whenever a...

CVE-2005-0815

CVE-2005-0815 affects the Linux kernel iso9660 filesystem handler in versions up to 2.6.11 (and earlier). The issue is described as multiple range-checking flaws in the ISO-9660 file system code, which could be triggered by mounting a crafted/corrupted ISO image on CD-ROM. Impact stated in connec...

CVE-2005-0815

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

FreeBSD Security Advisory FreeBSD-SA-03:09.signal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:09.signal Security Advisory The FreeBSD Project Topic: Insufficient range checking of signal numbers Category: core Module: sys Announced: 2003-08-10 Affects:...