Design/Logic Flaw

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes security issues and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization RHEV Hypervisor ISO disk...

CentOS 5 : kernel (CESA-2008:0275)

Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Sql injection

SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4296

SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4296

SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4296

The CVE describes an SQL injection vulnerability in Drupal’s Taxonomy Timer module, affecting 5.x-1.8 and earlier and 6.x-alpha1 and earlier. The root cause is an SQL injection that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. The affected component is the Ta...

SA-CONTRIB-2009-110 - Taxonomy Timer - SQL Injection

The Taxonomy Timer module enables users to set expiration dates for Taxonomy Terms. At the time of expiration other terms can be assigned, or nodes can be unpublished. In some cases the module does not properly sanitize user input, leading to a SQL Injection vulnerability. Such an attack may lead...

kernel security and bug fix update

2.4.21-63.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-63.EL - fs: fix pipe nul...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the...

[SECURITY] Fedora 10 Update: kdetoys-4.3.1-1.fc10

kdetoys includes: amor: Amusing Misuse Of Resources put's comic figures above your windows kteatime: makes sure your tea does not get too strong ktux: Tux-in-a-Spaceship screen saver kweather: display the current weather outside...

Check Point response to Phrack article "Exploiting TCP Persist Timer Infiniteness" (CVE-2009-1926, VU#723308)

...

kernel security update

CentOS Errata and Security Advisory CESA-2009:1193 Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...

FreeBSD Security Advisory (FreeBSD-SA-09:06.ktimer.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:06.ktimer.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2009-1041

The ktimer feature sys/kern/kerntime.c in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

USN-715-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker coul...

USN-714-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A...

kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service OOPS via an INIT-ACK that states the peer does not support AUTH, which causes the sctpprocessinit function to clean up active transports and triggers the OOPS when the T1-Init timer expires...

kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service OOPS via an INIT-ACK that states the peer does not support AUTH, which causes the sctpprocessinit function to clean up active transports and triggers the OOPS when the T1-Init timer expires...