73 matches found
CVE-2012-4542
block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...
Important: Red Hat Security Advisory: rhev-hypervisor6 security, bug fix, and enhancement update
An updated rhev-hypervisor6 package that fixes three security issues, various bugs, and adds an enhancement is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2013:0496 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth...
kernel: block: default SCSI command filter does not accomodate commands overlap across device classes
block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...
Important: Red Hat Security Advisory: Red Hat Enterprise Linux 6 kernel update
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update. The Red Hat Security Response Team has...
CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
qemu security update
CentOS Errata and Security Advisory CESA-2012:0050 Updated qemu-kvm packages that fix one security issue, one bug, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common...
Medium: kernel
Issue Overview: The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume. Affected Packages: kernel Issue...
kernel: possible privilege escalation via SG_IO ioctl
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
Moderate: Red Hat Security Advisory: xen security and bug fix update
Updated xen packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...