1904 matches found
CVE-2007-5908
Rejected reason: Buffer overflow in the 1 sysfsshowavailableclocksources and 2 sysfsshowcurrentclocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux...
Null pointer to an inode in a dentry can cause an oops in sysfs_readdir
The sysfsreaddir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux RHEL 4.5 and other distributions, allows users to cause a denial of service kernel OOPS by dereferencing a null pointer to an inode in a dentry...
Mandrake Linux Security Advisory : kernel (MDKSA-2006:123)
A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The kernel did not clear sockaddrin.sinzero before returning IPv4 socket names for the getsockopt function, which could allow a local user to obtain portions of potentially sensitive memory if getsockopt is called...
Ubuntu 5.04 / 5.10 : linux-source-2.6.10, linux-source-2.6.12 vulnerabilities (USN-281-1)
The sysmbind function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. CVE-2006-0557 The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local...
Fedora Core 4 : kernel-2.6.16-1.2096_FC4 (2006-423)
This update includes a number of security issues that have been fixed upstream over the last week or so. i386/x86-64: Fix x87 information leak between processes CVE-2006-1056 iprouteinput panic fix CVE-2006-1525 fix MADVREMOVE vulnerability CVE-2006-1524 shmat: stop mprotect from giving write...
Fedora Core 5 : kernel-2.6.16-1.2096_FC5 (2006-421)
This update includes a number of security issues that have been fixed upstream over the last week or so. i386/x86-64: Fix x87 information leak between processes CVE-2006-1056 iprouteinput panic fix CVE-2006-1525 fix MADVREMOVE vulnerability CVE-2006-1524 shmat: stop mprotect from giving write...
CVE-2006-1055
The fillwritebuffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGESIZE or more is requested, which might allow local users to cause a denial of service crash by causing an out-of-bounds read...
CVE-2006-1055
CVE-2006-1055: The Linux kernel
Ubuntu 4.10 / 5.04 : linux-source-2.6.8.1, linux-source-2.6.10 vulnerabilities (USN-131-1)
Colin Percival discovered an information disclosure in the 'Hyper Threading Technology' architecture in processors which are capable of simultaneous multithreading in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors. This allows a malicious thread to monitor the...
RHEL 4 : udev (RHSA-2005:864)
Updated udev packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The udev package contains an implementation of devfs in userspace using sysfs and /sbin/hotplug. Richard Cunningham discovered a...
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 922-1 [email protected] http://www.debian.org/security/ Martin Schulze December 14th, 2005 http://www.debian.org/security/faq -...
DSA-922-1 kernel-source-2.6.8 - several
Bulletin has no description...
CVE-2005-3179
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...
CVE-2005-3179
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...
CVE-2005-3179
CVE-2005-3179 affects the Linux kernel, specifically the drm.c path in kernel versions 2.6.10 through 2.6.13. The vulnerability arises because a debug file is created in sysfs with world‑readable and world‑writable permissions. This allows a local user to enable DRM debugging and potentially obta...
CVE-2004-2302
Race condition in the sysfsreadfile and sysfswritefile functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service crash via large offsets in sysfs files...
CVE-2004-2302
CVE-2004-2302 is a race condition in the Linux kernel’s sysfs_read_file and sysfs_write_file, present in 2.6.10 and earlier. It can let local users read kernel memory and cause a denial of service (crash) by exploiting large offsets in sysfs files. Public advisories (e.g., Debian DSA-922-1) docum...
CVE-2005-1369
The 1 it87 and 2 via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service CPU consumption by attempting to write to the file, which does not have an associated...
CVE-2005-0867
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file...
CVE-2005-1369
The 1 it87 and 2 via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service CPU consumption by attempting to write to the file, which does not have an associated...