1320 matches found
kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device...
kernel: bt sco_conninfo infoleak
The scosockgetsockoptold function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCOCONNINFO option...
RHEL 6 : Red Hat Enterprise Linux 6.1 kernel (RHSA-2011:0542)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0542 advisory. - kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory CVE-2010-3881 - kernel: unlimited socket backlog DoS CVE-2010-4251,...
kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device...
Mandriva Linux Security Advisory : apr (MDVSA-2011:084)
It was discovered that the aprfnmatch function used an unconstrained recursion when processing patterns with the '' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching such as an httpd server using th...
apr security update
CentOS Errata and Security Advisory CESA-2011:0507 Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...
Moderate: Red Hat Security Advisory: apr security update
Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
kernel security and bug fix update
2.6.32-71.24.1.el6 - fs Revert 'fs inotify: stop kernel memory leak on file creation failure' Eric Paris 656831 656832 CVE-2010-4250 2.6.32-71.23.1.el6 - x86 Revert 'x86 mtrr: Assume SYSCFGTom2ForceMemTypeWB exists on all future AMD CPUs' Frank Arnold 683813 652208 2.6.32-71.22.1.el6 - rebuild...
CVE-2011-1082
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for 1 closed loops or 2 deep chains, which allows local users to cause a denial of service deadlock or stack memory consumption via a crafted application tha...
Code injection
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for 1 closed loops or 2 deep chains, which allows local users to cause a denial of service deadlock or stack memory consumption via a crafted application tha...
Ubuntu Update for linux vulnerabilities USN-1090-1
Ubuntu Update for Linux kernel vulnerabilities USN-1090-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10901.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux vulnerabilities USN-1090-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
CVE-2011-0711
The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
Memory corruption
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
CVE-2011-0719
CVE-2011-0719 affects Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7. The flaw is missing range checks for file descriptors before use of FD_SET, enabling remote attackers to trigger a denial of service through opening many files, causing stack memory corruption, an infinite...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
CVE-2011-0719
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FDSET macro, which allows remote attackers to cause a denial of service stack memory corruption, and infinite loop or daemon crash by opening a large number of...
Ubuntu Update for linux vulnerabilities USN-1072-1
Ubuntu Update for Linux kernel vulnerabilities USN-1072-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10721.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux vulnerabilities USN-1072-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...