EUVD-2008-5008

Malware in sbrugna...

Linux Kernel __scm_destroy()本地拒绝服务漏洞

BUGTRAQ ID: 32154 CVECAN ID: CVE-2008-5029 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/core/scm.c文件中的scmdestroy函数可能通过调用fput函数间接地递归调用其本身，本地攻击者可以通过UNIX域套接字发送SCMRIGHTS消息并关闭文件描述符导致拒绝服务的情况。 Linux kernel 2.6.27.4 Linux kernel 2.6.26 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2008-5029

The scmdestroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service panic via vectors related to sending an SCMRIGHTS message through a UNIX...

Design/Logic Flaw

The scmdestroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service panic via vectors related to sending an SCMRIGHTS message through a UNIX...