
5181 matches found

RedHat Linux
added 2014/09/09 5:55 p.m., 3 views

kernel: futex: refcount issue in case of requeue

A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait. A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could...

CVSS 6.9, AI score 5.7, EPSS 0.00661
Exploits 1, References 4

RedHat Linux
added 2014/07/29 3:51 p.m., 2 views

kernel: net: ping: refcount issue in ping_init_sock() function

A use-after-free flaw was found in the way the ping_init_sock function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system...

CVSS 6.9, AI score 6.3, EPSS 0.00951
Exploits 7, References 4

RedHat Linux
added 2014/06/09 2:35 p.m., 5 views

Qemu: block: possible crash due signed types or logic error

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 4

RedHat Linux
added 2014/04/24 5:35 p.m., 7 views

Qemu: block: possible crash due signed types or logic error

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 4

RedHat Linux
added 2014/04/24 5:35 p.m., 6 views

Qemu: block: multiple integer overflow flaws

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp i...

CVSS 7, AI score 7.3, EPSS 0.00402
Exploits 0, References 4

RedHat Linux
added 2014/04/24 5:35 p.m., 5 views

Qemu: block: possible crash due signed types or logic error

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 4

RedHat Linux
added 2014/04/22 5:39 p.m., 2 views

Qemu: block: possible crash due signed types or logic error

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 4

seebug.org
added 2014/04/15 12:0 a.m., 53 views

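Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability

Bugtraq ID: 66779 CVE ID: CVE-2014-2851 The Linux Kernel is the kernel of the Linux operating system. The Linux kernel has a refcount issue in its implementation of the ping_init_sock function; a local attacker can exploit this vulnerability to gain elevated privileges or crash the kernel. 0 Linux kernel The vendor has released an upgrade patch that fixes the vulnerability; please download it from: http://www.kernel.org/...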

CVSS 6.9, EPSS 0.00951
Exploits 7

UbuntuCve
added 2014/03/26 12:0 a.m., 37 views

CVE-2014-0147

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 3

OSV
added 2014/03/26 12:0 a.m., 5 views

UBUNTU-CVE-2014-0147

Qemu before 1.6.2 block driver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount routine...

CVSS 6.2, AI score 6.8, EPSS 0.00329
Exploits 1, References 4

OSV
added 2014/03/26 12:0 a.m., 5 views

UBUNTU-CVE-2014-0143

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp i...

CVSS 7, AI score 7.3, EPSS 0.00402
Exploits 0, References 4

Oracle linux
added 2013/12/05 12:0 a.m., 48 views

kernel security and bug fix update

kernel 2.6.18-371.3.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...

CVSS 1.5, AI score 4.4, EPSS 0.0031
Exploits 0

Tenable Nessus
added 2013/07/12 12:0 a.m., 244 views

Oracle Linux 6 : kernel (ELSA-2012-0481)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0481 advisory. - Revert: fs NFSv4: include bitmap in nfsv4 get acl data Sachin Prabhu 753231 753232 CVE-2011-4131 - kernel regset: Return -EFAULT, not -EIO, on...

CVSS 7.8, AI score 6.4, EPSS 0.00775
Exploits 4, References 4

Tenable Nessus
added 2012/05/17 12:0 a.m., 45 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2393)

This kernel update fixes the following security problems : - A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. 186226. CVE-2006-4145 - A potential crash when receiving IPX packets was fixed. This problem is thought not to be exploitable...

CVSS 7.8, AI score 6, EPSS 0.04601
Exploits 5, References 34

Tenable Nessus
added 2012/04/18 12:0 a.m., 51 views

RHEL 6 : kernel (RHSA-2012:0481)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0481 advisory. - kernel: sysctl: restrict write access to dmesg_restrict CVE-2011-4080 - kernel: block: CLONE_IO io_context refcounting issues CVE-2012-0879 -...

CVSS 7.8, AI score 6.3, EPSS 0.00468
Exploits 4, References 13

UbuntuCve
added 2012/02/28 12:0 a.m., 40 views

CVE-2012-1090

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. "The cifs code will attempt to open files on lookup under certain circumstances. What happens though i...

CVSS 5.5, AI score 6.1, EPSS 0.004
Exploits 1, References 12

Packet Storm
added 2011/11/12 12:0 a.m., 29 views

MS11-083 Denial Of Service

!/bin/sh cat winnuke2011.c include include include include include include include include include include include int port; int active = 0; pthreadmutext mutexactive; void sendpacketsvoid ptr; int mainint argc, char argv pthreadt thread; int iret,lthreads; pidt pid; printf"+ MS11-083 DoS/PoC...

AI score 7.4
Exploits 0

exploitpack
added 2011/11/08 12:0 a.m., 12 views

Microsoft Windows - TCPIP Stack Reference Counter Integer Overflow (MS11-083)

Microsoft Windows - TCPIP Stack Reference Counter Integer Overflow MS11-083 // source: https://www.securityfocus.com/bid/50517/info Microsoft Windows is prone to a remote integer-overflow vulnerability that affects the TCP/IP stack. An attacker can exploit this issue to execute arbitrary code wit...

AI score 0.5
Exploits 0

Packet Storm
added 2010/07/02 12:0 a.m., 37 views

NtUserCheckAccessForIntegrityLevel Use-After-Free Vulnerability

Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Use-after-free Vulnerability Intro: Due to hostility toward security researchers, the most recent example being of Tavis Ormandy, a number of us from the industry and some not from the industry have come together to form MSRC: the...

AI score 0.6
Exploits 0

seebug.org
added 2008/07/14 12:0 a.m., 39 views

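Linux Kernel sys32_ptrace() Function Multiple Use-After-Free Vulnerabilities

CVECAN ID: CVE-2008-3077 The Linux Kernel is the kernel used by the open-source operating system Linux. The sys32_ptrace function in the arch/x86/kernel/ptrace.c file of the Linux kernel may overflow the refcount field of the task_struct structure; a local attacker can exploit this vulnerability on x86-64 platforms to trigger a use-after-free, causing a system crash. Linux kernel 2.6.25.10 Linux ----- The vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's home page:...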

CVSS 4.9, AI score 6.4, EPSS 0.00398
Exploits 1