kernel security, bug fix, and enhancement update

2.6.32-131.17.1.el6 - Revert: net ipv6: make fragment identifications less predictable Jiri Pirko 723432 723433 CVE-2011-2699 2.6.32-131.16.1.el6 - net brmulticast: Ensure to initialize BRINPUTSKBCBskb-mroutersonly. Frantisek Hrbata 739477 738110 2.6.32-131.15.1.el6 - rebuild 2.6.32-131.14.1.el6 ...

CVE-2011-2494

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password...

UBUNTU-CVE-2011-2494

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1216-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

Ubuntu: Security Advisory (USN-1205-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for linux-lts-backport-maverick USN-1205-1

Ubuntu Update for Linux kernel vulnerabilities USN-1205-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12051.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1205-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu Update for linux USN-1201-1

Ubuntu Update for Linux kernel vulnerabilities USN-1201-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12011.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1201-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu Update for linux-mvl-dove USN-1203-1

Ubuntu Update for Linux kernel vulnerabilities USN-1203-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12031.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-mvl-dove USN-1203-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1205-1)

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

Ubuntu 10.10 : linux vulnerabilities (USN-1201-1)

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

USN-1205-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

USN-1203-1: Linux kernel (Marvel DOVE) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

USN-1201-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

kernel: taskstats: duplicate entries in listener mode can lead to DoS

The adddellistener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service memory and CPU consumption, and bypass the OOM Killer, via a crafted application...

Ubuntu Update for linux USN-1193-1

Ubuntu Update for Linux kernel vulnerabilities USN-1193-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11931.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1193-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1193-1: Linux kernel vulnerabilities

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. CVE-2011-1577 Phil Oester discovered that the...

USN-1186-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-4073 Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker cou...

Code injection

The adddellistener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service memory and CPU consumption, and bypass the OOM Killer, via a crafted application...

CVE-2011-2484

CVE-2011-2484 affects the Linux kernel, specifically code paths in kernel/taskstats.c. In kernels 2.6.39.1 and earlier, add_del_listener does not prevent multiple registrations of exit handlers, enabling a local attacker to cause denial of service through memory/CPU exhaustion and potentially byp...