PT-2010-5158 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 2.6.36 Description: The issue is related to improper input validation in the Reliable Datagram Sockets RDS protocol implementation. Specifically, the rds page copy user function in net/rds/page.c does not proper...

CVE-2010-3904

The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...

kernel: fix soft lockups/OOM issues with unix socket garbage collector

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

Ubuntu 8.10 : linux vulnerabilities (USN-715-1)

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker coul...

kernel: fix soft lockups/OOM issues with unix socket garbage collector

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

RedHat Security Advisory RHSA-2009:0053

The remote host is missing kernel updates announced in advisory RHSA-2009:0053. These updated packages address the following security issues: a flaw was found in the Asynchronous Transfer Mode ATM subsystem. A local, unprivileged user could use the flaw to listen on the same socket more than once...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel: fix soft lockups/OOM issues with unix socket garbage collector

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

USN-715-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker coul...

USN-714-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A...

kernel: fix soft lockups/OOM issues with unix socket garbage collector

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

CVE-2008-5300

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

CVE-2008-5300

Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...

Linux Kernel "sendmsg()" Garbage Collector拒绝服务漏洞

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS Denial of Service. The vulnerability is caused due "sendmsg" not correctly blocking while the UNIX garbage collector is running. This can be exploited to e.g. cause soft lockups ...

Linux Kernel < 2.4.36.9/2.6.27.5 Unix Sockets Local Kernel Panic Exploit

No description provided by source. include sys/socket.h include sys/un.h include unistd.h include assert.h include err.h include stdlib.h static int ownchildint us int pid; int s2; struct msghdr mh; char crap1024; struct iovec iov; struct cmsghdr c; int fd; int rc; pid = fork; if pid == -1 err1,...

Linux Kernel __scm_destroy()本地拒绝服务漏洞

BUGTRAQ ID: 32154 CVECAN ID: CVE-2008-5029 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/core/scm.c文件中的scmdestroy函数可能通过调用fput函数间接地递归调用其本身，本地攻击者可以通过UNIX域套接字发送SCMRIGHTS消息并关闭文件描述符导致拒绝服务的情况。 Linux kernel 2.6.27.4 Linux kernel 2.6.26 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Linux Kernel 2.4.36.92.6.27.5 - Unix Sockets Local Kernel Panic (Denial of Service)

Linux Kernel 2.4.36.92.6.27.5 - Unix Sockets Local Kernel Panic Denial of Service include include include include include include static int ownchildint us int pid; int s2; struct msghdr mh; char crap1024; struct iovec iov; struct cmsghdr c; int fd; int rc; pid = fork; if pid == -1 err1, "fork"; ...

aWebNews v 1.1=>RFI

To ConTacT mE @ www.Asb-May.net/bb ScRiPt:-http://scripts.ringsworld.com/news-publishing/awebnews.zip GrEaTz To:-ToOofa-HaCk.eGy All AsB-MaY DisCoverY ExPloIts GrOup Discovered By:- ThE dE@Th AsB-MaY DiScOvEr ExPlIoTs Gr0uP comment.php:- sendmsg:- include...

CVE-2006-6654

The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service kernel panic via an invalid msgcontrollen parameter to the sendit function...

CVE-2006-6654

The CVE covers a vulnerability in NetBSD where the sendmsg path on 64-bit architectures can panic the kernel due to an invalid msg_controllen passed to sendit. Affected are NetBSD-current prior to 20061023, NetBSD 3.0 and 3.0.1 prior to 20061024, and NetBSD 2.x prior to 20061029. The issue is a d...