EUVD-2008-3511

Malware in sbrugna...

openSUSE Security Update : kernel (kernel-270)

This patch updates the openSUSE 11.0 kernel to the 2.6.25.18 stable release. It also includes bugfixes and security fixes : CVE-2008-4410: The vmiwriteldtentry function in arch/x86/kernel/vmi32.c in the Virtual Machine Interface VMI in the Linux kernel 2.6.26.5 invokes writeidtentry where...

Mandriva Linux Security Advisory : kernel (MDVSA-2008:223)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Buffer overflow in format descriptor parsing in the uvcparseformat function in drivers/media/video/uvc/uvcdriver.c in uvcvideo in the video4linux V4L implementation in the Linux kernel before 2.6.26.1 has unknown impact...

Mandriva Update for kernel MDVSA-2008:223 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDVSA-2008:223 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

kernel: missing capability checks in sbni_ioctl()

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

Fedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)

Update kernel from version 2.6.26.5 to 2.6.26.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmiwriteldtentry function in...

openSUSE 10 Security Update : kernel (kernel-5700)

The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3528: The ext234 filesystem code fail...

CVE-2008-3525

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

CVE-2008-3525

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

CVE-2008-3525

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

CVE-2008-3525

Vulnerability (CVE-2008-3525) affects the Linux kernel 2.6.26.3 wan driver (sbni.c) where sbni_ioctl fails to perform CAP_NET_ADMIN checks before handling four ioctls (SIOCDEVRESINSTATS, SIOCDEVSHWSTATE, SIOCDEVENSLAVE, SIOCDEVEMANSIPATE). This permits a local user to bypass intended capability r...