156 matches found
USN-1204-1: Linux kernel (i.MX51) vulnerabilities
Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. CVE-2010-3859 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local...
Ubuntu Update for linux USN-1167-1
Ubuntu Update for Linux kernel vulnerabilities USN-1167-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11671.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1167-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Mandriva Linux Security Advisory : php (MDVSA-2011:052)
Multiple vulnerabilities has been identified and fixed in php : The zipnamelocate function in zipnamelocate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FLUNCHANGED argument, which might allow context-dependent attackers to cause a denial of service applicatio...
Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...
Ubuntu: Security Advisory (USN-1054-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1054-1)
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Rosenberg discovered that the Linux kernel TIPC implementation...
kernel: tipc: heap overflow in tipc_msg_build()
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...
kernel: tipc: heap overflow in tipc_msg_build()
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...
CVE-2010-3859
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...
CVE-2010-3859
CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...
CVE-2010-3859
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...
CVE-2010-2530
Multiple integer signedness errors in smbsubr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service panic via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a 1 SMBIOCLOOKUP or 2...
CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
Integer overflow
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
Integer overflow
Multiple integer signedness errors in smbsubr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service panic via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a 1 SMBIOCLOOKUP or 2...
CVE-2010-2530
CVE-2010-2530 is described across multiple sources as multiple integer signedness errors in netsmb’s smb_subr.c (kernel, netsmb module). Affects NetBSD 5.0.2 and earlier, FreeBSD, and Apple macOS. The issue allows local attackers to cause a denial of service (panic) by providing a negative size v...
CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
CVE-2010-2530
Multiple integer signedness errors in smbsubr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service panic via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a 1 SMBIOCLOOKUP or 2...
CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
CVE-2010-0646
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays...